urlscan.io logo urlscan.io
SecurityTrails logo

fbsuportaccount.site Open in urlscan Pro
2606:4700:3030::ac43:9fa5  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://fbsuportaccount.site/
Submission: On March 14 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 1 HTTP transactions. The main IP is 2606:4700:3030::ac43:9fa5, located in United States and belongs to CLOUDFLARENET, US. The main domain is fbsuportaccount.site.
TLS certificate: Issued by GTS CA 1P5 on March 13th 2024. Valid for: 3 months.
This is the only time fbsuportaccount.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2
Apex Domain
Subdomains		 Transfer
1 fbsuportaccount.site
fbsuportaccount.site
189 KB
1 1
Domain Requested by
1 fbsuportaccount.site
1 1

This site contains no links.

Subject Issuer Validity Valid
fbsuportaccount.site
GTS CA 1P5		 2024-03-13 -
2024-06-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://fbsuportaccount.site/
Frame ID: D28DD6B5839E76998875F144396008CC
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Meta for Business

Page Statistics

1
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

201 kB
Transfer

670 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fbsuportaccount.site/ 		586 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fbsuportaccount.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:9fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9be929a2739d16f1f5141be5b10eac802069d3aa6c585fbca1c0932c00fa6fca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8647de342bb80c96-EWR
content-encoding
br
content-type
text/html
date
Thu, 14 Mar 2024 22:58:21 GMT
last-modified
Thu, 07 Mar 2024 14:42:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DMwDuta81c7hmc17nVbitnp20YKeFWmad3b63EvKCZA5js2zvHMBjMSxw8VCS6Ao38jjHF3MtPe63EiWEIM48dl2jwmgJd47VqYqBEs%2Fzulwh0HTCCjG5yKze39fIFj%2B8vejOaVaMDHZedXCPuX8Rasgpw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
truncated
/ 		48 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e43b722e09d8ee493d73b4f584aa8e2f78c442cfc4043f2e7f1b355e3ff40832

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c865955063fd1f865128672d6b8f896678b5b4a095b17b3bea8367fb0d94c92

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d1b534880658b6020450bde85d0e5b3522b8a9caab0bef89f29e96b83b6d200

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f95ec6c859f4afa3cdc887673121919c3cf6fa04c41b4304a9bc71463bd84d0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78

Request headers

Referer
Origin
https://fbsuportaccount.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
font/woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| savepage_ShadowLoader

0 Cookies