facebooksuomi.info Open in urlscan Pro
193.106.174.129 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://scripturemedia.org/anm6x
Effective URL:
https://facebooksuomi.info/17293.php
Submission: On March 12 via manual (March 12th 2024, 6:20:29 am UTC) from FI — Scanned from FI

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 19 HTTP transactions. The main IP is 193.106.174.129, located in Russian Federation and belongs to IQHOST, RU. The main domain is facebooksuomi.info.
TLS certificate: Issued by R3 on March 6th 2024. Valid for: 3 months.

This is the only time facebooksuomi.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network) FI Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1	193.3.19.30 193.3.19.30	50340 (SELECTEL-MSK) (SELECTEL-MSK)
18	193.106.174.129 193.106.174.129	50465 (IQHOST) (IQHOST)
19	2

1 193.3.19.30 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

scripturemedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 193.106.174.129 (Russian Federation)

ASN50465 (IQHOST, RU)

turvallisuus-facebook.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
facebooksuomi.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	facebooksuomi.info facebooksuomi.info	72 KB
1	turvallisuus-facebook.xyz turvallisuus-facebook.xyz	104 B
1	scripturemedia.org scripturemedia.org	354 B
19	3

	Domain	Requested by
17	facebooksuomi.info	facebooksuomi.info
1	turvallisuus-facebook.xyz
1	scripturemedia.org
19	3

This site contains no links.

Subject Issuer	Validity	Valid
m88sports.com R3	`2024-03-11` - `2024-06-09`	3 months	crt.sh
turvallisuus-facebook.xyz R3	`2024-03-06` - `2024-06-04`	3 months	crt.sh
facebooksuomi.info R3	`2024-03-06` - `2024-06-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://facebooksuomi.info/17293.php
Frame ID: F00D067DCAD0EB9A6374BD6E3C37FD36
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Facebook – kirjaudu sisään tai rekisteröidy

Page URL History Show full URLs

https://scripturemedia.org/anm6x Page URL
https://facebooksuomi.info/17293.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

73 kB
Transfer

165 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://scripturemedia.org/anm6x Page URL
https://facebooksuomi.info/17293.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	404 Not Found	anm6x Show response scripturemedia.org/	74 B 354 B	456ms 144ms	Document text/html	193.3.19.30 SELECTEL-MSK
General Check archive.org Show headers Download Go to Full URL https://scripturemedia.org/anm6x Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.3.19.30 , Russian Federation, ASN50340 (SELECTEL-MSK, RU), Reverse DNS Software nginx / Resource Hash `2db4d4bb10c38664a941196ce89328f0f682ef8b091fed9e583192456b3e02cd` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 74 Content-Type text/html; charset=UTF-8 Date Tue, 12 Mar 2024 06:20:24 GMT ETag "4a-6136f41dcd4de" Keep-Alive timeout=60 Last-Modified Tue, 12 Mar 2024 04:40:27 GMT Server nginx
GET H2	200	/ Show response turvallisuus-facebook.xyz/	0 104 B	1399ms 607ms	Document text/html	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Full URL https://turvallisuus-facebook.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://scripturemedia.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers content-length 0 content-type text/html; charset=UTF-8 date Tue, 12 Mar 2024 06:20:26 GMT refresh 0; URL=https://facebooksuomi.info/17293.php server nginx
GET H2	200	Primary Request 17293.php Show response facebooksuomi.info/	9 KB 2 KB	1472ms 483ms	Document text/html	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Full URL https://facebooksuomi.info/17293.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `ff034b89a2cf5e2ca823cf8086489abd3a09db9ed41d235bea93d3e19b43a5a9` Request headers Referer https://turvallisuus-facebook.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers content-encoding gzip content-length 2234 content-type text/html; charset=UTF-8 date Tue, 12 Mar 2024 06:20:27 GMT server nginx vary Accept-Encoding
GET H2	200	style.css facebooksuomi.info/static/css/	32 KB 8 KB	147ms 145ms	Stylesheet text/css	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Full URL https://facebooksuomi.info/static/css/style.css Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/17293.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `c438059a1f4309b14c179d4581afdd7f2b791368d29915a533f4f3233477bd89` Request headers accept-language fi-FI,fi;q=0.9 Referer https://facebooksuomi.info/17293.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 06:20:27 GMT content-encoding gzip last-modified Thu, 07 Mar 2024 16:40:18 GMT server nginx etag W/"65e9edf2-8150" vary Accept-Encoding content-type text/css cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	media.css facebooksuomi.info/static/css/	1 KB 796 B	151ms 150ms	Stylesheet text/css	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Full URL https://facebooksuomi.info/static/css/media.css Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/17293.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `2f7ce26d6596e0b992690f84af8383cc075c9d72f6b843d9ba348ca6d1d0c335` Request headers accept-language fi-FI,fi;q=0.9 Referer https://facebooksuomi.info/17293.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 06:20:28 GMT content-encoding gzip last-modified Thu, 07 Mar 2024 16:40:18 GMT server nginx etag W/"65e9edf2-5e6" vary Accept-Encoding content-type text/css cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery-3.7.1.min.js Show response facebooksuomi.info/static/js/	85 KB 30 KB	151ms 150ms	Script application/javascript	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Full URL https://facebooksuomi.info/static/js/jquery-3.7.1.min.js Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/17293.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a` Request headers accept-language fi-FI,fi;q=0.9 Referer https://facebooksuomi.info/17293.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 06:20:28 GMT content-encoding gzip last-modified Thu, 07 Mar 2024 16:40:18 GMT server nginx etag W/"65e9edf2-155ed" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	logo.svg facebooksuomi.info/static/img/	2 KB 1 KB	191ms 190ms	Image image/svg+xml	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL https://facebooksuomi.info/static/img/logo.svg Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/17293.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `0d6f8d206a6bd8b60a2048a3df206ac956a2f633786e4af1c02057f81758ad7a` Request headers accept-language fi-FI,fi;q=0.9 Referer https://facebooksuomi.info/17293.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 06:20:28 GMT content-encoding gzip last-modified Thu, 07 Mar 2024 16:40:18 GMT server nginx etag W/"65e9edf2-9f5" vary Accept-Encoding content-type image/svg+xml cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	loading.svg facebooksuomi.info/static/img/	1 KB 692 B	192ms 191ms	Image image/svg+xml	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL https://facebooksuomi.info/static/img/loading.svg Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/17293.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `a86bb0d6fe1f1f819ab38a825b94faa9c52bcd28901dec373bd82560f960b54d` Request headers accept-language fi-FI,fi;q=0.9 Referer https://facebooksuomi.info/17293.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 06:20:28 GMT content-encoding gzip last-modified Thu, 07 Mar 2024 16:40:18 GMT server nginx etag W/"65e9edf2-449" vary Accept-Encoding content-type image/svg+xml cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	opfi.png facebooksuomi.info/static/img/	4 KB 4 KB	91ms 91ms	Image image/png	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL https://facebooksuomi.info/static/img/opfi.png Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/17293.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `2d34defd9d666208dbf43eb4c26c857c44fae6c94e74f80a33e3cded82a9736b` Request headers accept-language fi-FI,fi;q=0.9 Referer https://facebooksuomi.info/17293.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 06:20:28 GMT last-modified Thu, 07 Mar 2024 16:40:18 GMT server nginx etag "65e9edf2-fab" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 4011 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	nordea.png facebooksuomi.info/static/img/	10 KB 10 KB	138ms 137ms	Image image/png	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL https://facebooksuomi.info/static/img/nordea.png Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/17293.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `bba5a6187feba2accccb2b87e9165bae488e1f16c03334d011b25d2e65e3d5bf` Request headers accept-language fi-FI,fi;q=0.9 Referer https://facebooksuomi.info/17293.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 06:20:28 GMT last-modified Thu, 07 Mar 2024 16:40:18 GMT server nginx etag "65e9edf2-290d" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 10509 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	danske.png facebooksuomi.info/static/img/	6 KB 6 KB	134ms 133ms	Image image/png	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL https://facebooksuomi.info/static/img/danske.png Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/17293.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `fa75d515ee362eba2f13be7b4f908808f6b9d5559516b15a888334d1d1b9dc36` Request headers accept-language fi-FI,fi;q=0.9 Referer https://facebooksuomi.info/17293.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 06:20:28 GMT last-modified Thu, 07 Mar 2024 16:40:18 GMT server nginx etag "65e9edf2-1804" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 6148 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	api.js Show response facebooksuomi.info/js/	5 KB 2 KB	131ms 130ms	Script application/javascript	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Full URL https://facebooksuomi.info/js/api.js Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/17293.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `40288c2bc2c652b0bd2ffada9032fef3211d39719d10b9ef8ff96c74f8b0da5e` Request headers accept-language fi-FI,fi;q=0.9 Referer https://facebooksuomi.info/17293.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 06:20:28 GMT content-encoding gzip last-modified Thu, 07 Mar 2024 16:40:10 GMT server nginx etag W/"65e9edea-150e" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	app.js Show response facebooksuomi.info/js/	2 KB 1002 B	136ms 135ms	Script application/javascript	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Full URL https://facebooksuomi.info/js/app.js Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/17293.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `7b82c485154e1e378de68a429339a9395bec9a00cab0482fcb97d7c6ee1520a0` Request headers accept-language fi-FI,fi;q=0.9 Referer https://facebooksuomi.info/17293.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 06:20:28 GMT content-encoding gzip last-modified Thu, 07 Mar 2024 16:40:10 GMT server nginx etag W/"65e9edea-786" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	maker.js Show response facebooksuomi.info/js/	376 B 570 B	138ms 137ms	Script application/javascript	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Full URL https://facebooksuomi.info/js/maker.js Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/17293.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `3e6e629dec4f3f79cc44f8aff68b945ff68a136e1f24e794cbb5ef8ca5b1c6f5` Request headers accept-language fi-FI,fi;q=0.9 Referer https://facebooksuomi.info/17293.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 06:20:28 GMT last-modified Thu, 07 Mar 2024 16:40:10 GMT server nginx etag "65e9edea-178" content-type application/javascript; charset=utf-8 cache-control max-age=315360000 accept-ranges bytes content-length 376 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	main.js Show response facebooksuomi.info/static/js/	2 KB 745 B	140ms 140ms	Script application/javascript	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Full URL https://facebooksuomi.info/static/js/main.js Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/17293.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `bee658dce69f428a7d1269572d8b4b78900deb1c428ff1ee96e58b1990a8d6b9` Request headers accept-language fi-FI,fi;q=0.9 Referer https://facebooksuomi.info/17293.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 06:20:28 GMT content-encoding gzip last-modified Thu, 07 Mar 2024 17:02:54 GMT server nginx etag W/"65e9f33e-6a2" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	dots.png facebooksuomi.info/static/img/	95 B 269 B	141ms 140ms	Image image/png	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL https://facebooksuomi.info/static/img/dots.png Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/static/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `c0f9968d0fa5f4deff86babccd6df52306138314607a6f3f0acd2e7afc783d1c` Request headers accept-language fi-FI,fi;q=0.9 Referer https://facebooksuomi.info/static/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 06:20:28 GMT last-modified Thu, 07 Mar 2024 16:40:18 GMT server nginx etag "65e9edf2-5f" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 95 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	icons2.png facebooksuomi.info/static/img/	4 KB 4 KB	142ms 142ms	Image image/png	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Show image Full URL https://facebooksuomi.info/static/img/icons2.png Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/static/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `76f848b14b35e2fd1c3fb3edf36e0b9b9f1afa9efd58ea2f3c542a8df113c804` Request headers accept-language fi-FI,fi;q=0.9 Referer https://facebooksuomi.info/static/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 06:20:28 GMT last-modified Thu, 07 Mar 2024 16:40:18 GMT server nginx etag "65e9edf2-f64" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 3940 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	action.php Show response facebooksuomi.info/api/	2 B 278 B	96ms 95ms	XHR text/html	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Full URL https://facebooksuomi.info/api/action.php Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/static/js/jquery-3.7.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3` Request headers Accept / Referer https://facebooksuomi.info/17293.php X-Requested-With XMLHttpRequest accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Tue, 12 Mar 2024 06:20:28 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate content-length 22 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	event.php Show response facebooksuomi.info/api/	6 B 233 B	95ms 95ms	XHR application/json	193.106.174.129 IQHOST
General Check archive.org Show headers Download Go to Full URL https://facebooksuomi.info/api/event.php Requested by Host: facebooksuomi.info URL: https://facebooksuomi.info/static/js/jquery-3.7.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 193.106.174.129 , Russian Federation, ASN50465 (IQHOST, RU), Reverse DNS Software nginx / Resource Hash `551564ffd31b0ee952048003a73a052ce652f814fa50b60f0f5b439dbb76fd1b` Request headers Accept / Referer https://facebooksuomi.info/17293.php X-Requested-With XMLHttpRequest accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Tue, 12 Mar 2024 06:20:29 GMT content-encoding gzip server nginx vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network) FI Government (Government)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			facebooksuomi.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: p2mng51qcvol3el3u1mirdii39

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://scripturemedia.org/anm6x Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

facebooksuomi.info
scripturemedia.org
turvallisuus-facebook.xyz
193.106.174.129
193.3.19.30
0d6f8d206a6bd8b60a2048a3df206ac956a2f633786e4af1c02057f81758ad7a
2d34defd9d666208dbf43eb4c26c857c44fae6c94e74f80a33e3cded82a9736b
2db4d4bb10c38664a941196ce89328f0f682ef8b091fed9e583192456b3e02cd
2f7ce26d6596e0b992690f84af8383cc075c9d72f6b843d9ba348ca6d1d0c335
3e6e629dec4f3f79cc44f8aff68b945ff68a136e1f24e794cbb5ef8ca5b1c6f5
40288c2bc2c652b0bd2ffada9032fef3211d39719d10b9ef8ff96c74f8b0da5e
551564ffd31b0ee952048003a73a052ce652f814fa50b60f0f5b439dbb76fd1b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
76f848b14b35e2fd1c3fb3edf36e0b9b9f1afa9efd58ea2f3c542a8df113c804
7b82c485154e1e378de68a429339a9395bec9a00cab0482fcb97d7c6ee1520a0
a86bb0d6fe1f1f819ab38a825b94faa9c52bcd28901dec373bd82560f960b54d
bba5a6187feba2accccb2b87e9165bae488e1f16c03334d011b25d2e65e3d5bf
bee658dce69f428a7d1269572d8b4b78900deb1c428ff1ee96e58b1990a8d6b9
c0f9968d0fa5f4deff86babccd6df52306138314607a6f3f0acd2e7afc783d1c
c438059a1f4309b14c179d4581afdd7f2b791368d29915a533f4f3233477bd89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa75d515ee362eba2f13be7b4f908808f6b9d5559516b15a888334d1d1b9dc36
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
ff034b89a2cf5e2ca823cf8086489abd3a09db9ed41d235bea93d3e19b43a5a9

facebooksuomi.info Open in urlscan Pro 193.106.174.129 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

73 kBTransfer

165 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

facebooksuomi.info Open in urlscan Pro
193.106.174.129 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

73 kB
Transfer

165 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!