urlscan.io logo urlscan.io
SecurityTrails logo

m.facbook-app.tk Open in urlscan Pro
2404:6800:4004:820::2013  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://m.facbook-app.tk/
Effective URL: https://m.facbook-app.tk/
Submission: On May 12 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 2404:6800:4004:820::2013, located in Australia and belongs to GOOGLE, US. The main domain is m.facbook-app.tk.
TLS certificate: Issued by GTS CA 1D4 on May 10th 2022. Valid for: 3 months.
This is the only time m.facbook-app.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Apex Domain
Subdomains		 Transfer
6 fbcdn.net
z-m-static.xx.fbcdn.net — Cisco Umbrella Rank: 66348
25 KB
3 facbook-app.tk
m.facbook-app.tk
11 KB
1 facebook.com
facebook.com — Cisco Umbrella Rank: 32
3 KB
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 7841
57 KB
10 4
Domain Requested by
6 z-m-static.xx.fbcdn.net m.facbook-app.tk
z-m-static.xx.fbcdn.net
3 m.facbook-app.tk 1 redirects m.facbook-app.tk
1 facebook.com m.facbook-app.tk
1 www.blogger.com m.facbook-app.tk
10 4

This site contains no links.

Subject Issuer Validity Valid
m.facbook-app.tk
GTS CA 1D4		 2022-05-10 -
2022-08-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-18 -
2022-05-19		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://m.facbook-app.tk/
Frame ID: B6300804FF768C601364823FAC1A1699
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fb app

Page URL History Show full URLs

  1. http://m.facbook-app.tk/ HTTP 301
    https://m.facbook-app.tk/ Page URL

Page Statistics

10
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

95 kB
Transfer

291 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://m.facbook-app.tk/ HTTP 301
    https://m.facbook-app.tk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
m.facbook-app.tk/
Redirect Chain
  • http://m.facbook-app.tk/
  • https://m.facbook-app.tk/
34 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.facbook-app.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2013 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b673b19816056e137fdd30605f31852d30da3dc16db6a74ca9c05bd5d01bd902
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
8132
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type
text/html; charset=UTF-8
date
Thu, 12 May 2022 16:03:16 GMT
etag
W/"07de95c8f0d41b5a640013c378ffef6bf9761449160e0a82c30d22d095df5127"
expires
Thu, 12 May 2022 16:03:16 GMT
last-modified
Wed, 11 May 2022 10:52:11 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
174
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 May 2022 16:03:16 GMT
Expires
Thu, 12 May 2022 16:03:16 GMT
Location
https://m.facbook-app.tk/
Server
GSE
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
vrw1-HRIFub.css
z-m-static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/vrw1-HRIFub.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: m.facbook-app.tk
URL: https://m.facbook-app.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:84:face:b00c:0:14c9 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
006ede592f8117834bfcf0c2cd550e8d94128925f277768c2551c1f4eb3af94f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facbook-app.tk/
Origin
https://m.facbook-app.tk
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 16:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4XrPhmQ7ceO4aDiAuj0j7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
3174
x-fb-rlafr
0
x-fb-debug
hw9tIy5QsKC6yXMDpCIIjl+/AGB4rInd4A9iL7PdDiOA5gpGNU6iFWGu95e/XW3BaGyZjDFO3FJSUrnDCOahDQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 08 May 2023 17:53:03 GMT
9BOUw8FHHbs.css
z-m-static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://z-m-static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/9BOUw8FHHbs.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: m.facbook-app.tk
URL: https://m.facbook-app.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:84:face:b00c:0:14c9 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
606e88c62691c8dfff1b93c724ec6aacb301c1fe6824c2e2d78897810f59bacd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facbook-app.tk/
Origin
https://m.facbook-app.tk
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 16:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Tsty02mZ0HGaZ60QMZyX5w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
2452
x-fb-rlafr
0
x-fb-debug
j3IXbR5JGh/p5NRtOW7Fb3lytCJArxOfL2kEVSsQzFLAUnur+rPW0OhBgJSxu6hb13O1ihFu/LXJ4ev1tf6W3g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 11 May 2023 20:05:29 GMT
3K4q4ElU2P3.css
z-m-static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,cross/3K4q4ElU2P3.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: m.facbook-app.tk
URL: https://m.facbook-app.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:84:face:b00c:0:14c9 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa321ead6d08b96a3e57beed88329e80077004481395ba2d5ccc97c8bcce96e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facbook-app.tk/
Origin
https://m.facbook-app.tk
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 16:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4sIdWLXsPWumDiDzRfnLvQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7662
x-fb-rlafr
0
x-fb-debug
EUSJTzvARl7RZoFZ8mszmaG4EbAkHrAyNrHdvhQNARrxXv3F6XgEyj7KeyD9ybAr3qNKHw+YQl/4pZv0CuSlKg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 11 May 2023 16:04:32 GMT
POmIlExNI5S.css
z-m-static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ 		33 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/POmIlExNI5S.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: m.facbook-app.tk
URL: https://m.facbook-app.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:84:face:b00c:0:14c9 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
664680f6cff47cc1ed9ba12b74cc62f1b49094583b8700f04ef603fc9b8b998b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://m.facbook-app.tk/
Origin
https://m.facbook-app.tk
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 16:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
S7WMTokGELvreVuuchdIYw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
8779
x-fb-rlafr
0
x-fb-debug
FTbGGnxVq5iViq8jMRQxRdcpIkXk7NRt5vhljXBYOGjZ/eVUYcVZ/uA0ygGYPsLTJeoy2+9Rk5ajjb+iGGG2Bw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 11 May 2023 16:04:32 GMT
1502135753-widgets.js
www.blogger.com/static/v1/widgets/ 		155 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1502135753-widgets.js
Requested by
Host: m.facbook-app.tk
URL: https://m.facbook-app.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2009 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0559d585ade84e89986510701118717043ae9c24325424eca4a338c381d99e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://m.facbook-app.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 09 May 2022 02:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308645
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57345
x-xss-protection
0
last-modified
Mon, 09 May 2022 00:49:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 09 May 2023 02:19:11 GMT
sprite_v1_6.css.svg
m.facbook-app.tk/responsive/ 		7 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://m.facbook-app.tk/responsive/sprite_v1_6.css.svg
Requested by
Host: m.facbook-app.tk
URL: https://m.facbook-app.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2013 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://m.facbook-app.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 16:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 May 2022 07:56:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/svg+xml
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2244
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 19 May 2022 16:03:16 GMT
EDFsehamV8T.png
z-m-static.xx.fbcdn.net/rsrc.php/v3/yj/r/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yj/r/EDFsehamV8T.png
Requested by
Host: z-m-static.xx.fbcdn.net
URL: https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/vrw1-HRIFub.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:84:face:b00c:0:14c9 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe982e7fa4b4ee454fcf99453c0315c8fbeb643179bc825b4df6927bd1a25ac4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://z-m-static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/vrw1-HRIFub.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 16:03:16 GMT
x-content-type-options
nosniff
content-md5
I8vGJxtIMXgCuJvRkUipUw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1290
x-fb-rlafr
0
x-fb-debug
2jSqP8T75krXFI/0jAXoPDEZ6Nt4pM7soCyl8p5AXroAStG3KbfTFwJIE2lb9+3fvpgN58ZepTOtrPdc0fmEVQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 06 May 2023 22:11:00 GMT
dF5SId3UHWd.svg
z-m-static.xx.fbcdn.net/rsrc.php/y8/r/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-m-static.xx.fbcdn.net/rsrc.php/y8/r/dF5SId3UHWd.svg
Requested by
Host: m.facbook-app.tk
URL: https://m.facbook-app.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:84:face:b00c:0:14c9 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://m.facbook-app.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 12 May 2022 16:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NiMA5zHIsmaYxSYEaw9fHg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1027
x-fb-rlafr
0
x-fb-debug
XPekUVz6iz1yI5v7btUvkiDlMeaSJnQTtvRfjnH9+mQeTzLafKGqaBSNc3Ak7Bwzsa0ZPEZmBa0wvB7v5RU8Sw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 05 May 2023 17:48:27 GMT
hsts-pixel.gif
facebook.com/security/ 		43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://facebook.com/security/hsts-pixel.gif
Requested by
Host: m.facbook-app.tk
URL: https://m.facbook-app.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://m.facbook-app.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
0
pragma
no-cache
x-fb-debug
r9SeCjrz1vJQ2+8ebOXhyUDV3ROFBzp7o21MxEnou+M+H7Yvb/e8lXcF/xAIBHGa/Y9pAfPQrq9I3nr7Q7wxJw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 12 May 2022 16:03:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
image/gif
access-control-allow-origin
*
vary
Origin, Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
access-control-expose-headers
X-FB-Debug, X-Loader-Length

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails string| str function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block