Submitted URL: http://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Effective URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Submission: On January 21 via manual from DK — Scanned from DK

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 50.87.249.35, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is grupoaurora.pe.
TLS certificate: Issued by R3 on January 18th 2023. Valid for: 3 months.
This is the only time grupoaurora.pe was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address | AS Autonomous System
1 2 50.87.249.35 | 46606 (UNIFIEDLA...)
11 2a03:2880:f02... | 32934 (FACEBOOK)
1 2a03:2880:f12... | 32934 (FACEBOOK)
13 3

Apex Domain | Subdomains | Transfer
11 fbcdn.net | static.xx.fbcdn.net (Cisco Umbrella Rank: 811) | 183 KB
2 grupoaurora.pe | grupoaurora.pe | 20 KB
1 facebook.com | facebook.com (Cisco Umbrella Rank: 28) | 2 KB
13 3

Domain | Requested by
11 static.xx.fbcdn.net | grupoaurora.pe, static.xx.fbcdn.net
2 grupoaurora.pe | 1 redirects
1 facebook.com | grupoaurora.pe
13 3

Subject | Issuer | Validity | Valid
www.grupoaurora.pe | R3 | 2023-01-18 - 2023-04-18 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-10-30 - 2023-01-28 | 3 months

This page contains 1 frames:

Primary Page: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Frame ID: 60CEF138C89AE2FD810E59465DB2E252
Requests: 13 HTTP requests in this frame

Page Title

Facebook - log in or sign up

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

  • Requests: 13
  • HTTPS: 100 %
  • IPv6: 67 %
  • Domains: 3
  • Subdomains: 3
  • IPs: 3
  • Countries: 2
  • Transfer: 205 kB
  • Size: 710 kB
  • Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php HTTP 301
    https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php Page URL

13 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request facebook1.php
grupoaurora.pe/proyecto/malecon-acacias/login/
Redirect Chain
  • http://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
  • https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
78 KB
20 KB
Document
General
Full URL
https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.249.35 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box2072.bluehost.com
Software
Apache /
Resource Hash
c2f1b763a6cd6269f7a75b81402d88f068ccca860bb463b2b9c2b92aab3ec70b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 21 Jan 2023 09:30:46 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
server
Apache
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
275
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 21 Jan 2023 09:30:45 GMT
Keep-Alive
timeout=5, max=75
Location
https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Server
Apache
_uwl5ZHCZLG.css
static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/
12 KB
3 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/_uwl5ZHCZLG.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: grupoaurora.pe
URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bf20fe5658a2643dcf30a1c99152f5581d3d9cfe8a073d06d06b44022bdbdd3e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://grupoaurora.pe/
Origin
https://grupoaurora.pe
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 09:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vetoqYDxOsZri5e84e0nIA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2675
x-fb-rlafr
0
x-fb-debug
JtUmLaSb9Y58AAzXL1o7wr7xDDrj/5sU7LwywMEgZvzyYhOpBijF6bRxD9w1P7ylIYWBuD/tZQGOd0r+aGJpTQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 19 Jan 2024 02:19:52 GMT
qm0xAdCCfP5.css
static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/
14 KB
3 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/qm0xAdCCfP5.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: grupoaurora.pe
URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
457f7366f7bc440db21ff29610d04181fbf97864c0e8117596f0fe4ed85c226a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://grupoaurora.pe/
Origin
https://grupoaurora.pe
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 09:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
1QlL4i84YQoVurG2s6+lig==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3245
x-fb-rlafr
0
x-fb-debug
DloQ/TPbbghRppdwMJYsojV1UG92VbnkY9zW/gTFQ+MQUuARyMswa37JEPAl/EIBpdWFMcV0D4/FCwDaM9vHuQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 11 Jan 2024 17:49:12 GMT
eScmVcFuskP.css
static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/
27 KB
6 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yP/l/0,cross/eScmVcFuskP.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: grupoaurora.pe
URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a5164eb6123ddd4ae8675dfebccb8bbda4e7e285642c6c346881bfba644361e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://grupoaurora.pe/
Origin
https://grupoaurora.pe
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 09:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
o3DM2R3VakD1WmMfNryD6w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6164
x-fb-rlafr
0
x-fb-debug
l3XDucNENe6qFM+VFfJj8GMuBukh8s2WKMRBk5VfQ8xo+JHEqC/vLudnxcVz2BG7wAb/jC0Aahs9PxruKyCJjw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 19 Jan 2024 18:09:38 GMT
VUpSh3diKNx.css
static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/
36 KB
10 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yr/l/0,cross/VUpSh3diKNx.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: grupoaurora.pe
URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5fb3ed6c4e62afd610b39480be7f8a068b41f95a3ec8f1d48f6631d3b413cfd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://grupoaurora.pe/
Origin
https://grupoaurora.pe
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 09:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
eAb1Ht6Jan5RXnu4PtCi5Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9357
x-fb-rlafr
0
x-fb-debug
TVQRX91EgbU0OIcw7uBVDQCTbOsWfH0T/1sjhROWAufdZ4bheNYfd+3vBKpDxn0GT1TBB/6x7yjnXkMjuIlk2Q==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 19 Jan 2024 18:09:38 GMT
Kazxrm3cMip.js
static.xx.fbcdn.net/rsrc.php/v3/yB/r/
247 KB
65 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/Kazxrm3cMip.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: grupoaurora.pe
URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44242153eaedf57d56187e96398976a76a64ccc8d982cad9e3040a7fad9223da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://grupoaurora.pe/
Origin
https://grupoaurora.pe
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 09:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Jcj6sTxeOpshzg9Zl0eqkw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
66783
x-fb-rlafr
0
x-fb-debug
jtEnnSAmo8JGV1usd5syzb54S3DLKtb4k6flYkdkaLiANrGWfHl1sr58z6cY/suvFOu3FvAMmqNfvBpEwGJZuA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 13 Jan 2024 00:59:56 GMT
dF5SId3UHWd.svg
static.xx.fbcdn.net/rsrc.php/y8/r/
2 KB
1 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/y8/r/dF5SId3UHWd.svg
Requested by
Host: grupoaurora.pe
URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://grupoaurora.pe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 09:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NiMA5zHIsmaYxSYEaw9fHg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1027
x-fb-rlafr
0
x-fb-debug
fxGY5Mp7aXLHu+xT29Hl/N5ot+5CvuLXyfCxSDzV7F/T1OM+34IvEj3ff9s8B0EIdOzOh5t8qAGAWVhBVeyHkw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Fri, 19 Jan 2024 17:44:45 GMT
hsts-pixel.gif
facebook.com/security/
43 B
2 KB
Image
General
Full URL
https://facebook.com/security/hsts-pixel.gif
Requested by
Host: grupoaurora.pe
URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://grupoaurora.pe/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
date
Sat, 21 Jan 2023 09:30:46 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
ZpV0hJgG1J3jkEbrjvJDpGv3dkHE91jC2hWL5tYrbLIuaqfPQJDxW7+lcBe2L3BOgKM8dVEm9Wl3zucGIfybFw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
8u61af828FL.js
static.xx.fbcdn.net/rsrc.php/v3iczx4/yB/l/en_US/
182 KB
50 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iczx4/yB/l/en_US/8u61af828FL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: grupoaurora.pe
URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a5a9cd0d67d209a3eb697ec873eb8139a30ef4311497db71750c6195b1e2aa4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://grupoaurora.pe/
Origin
https://grupoaurora.pe
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 09:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
svVXIvsGG50/kAz11pTREg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
51319
x-fb-rlafr
0
x-fb-debug
R/9dfqcBplDYcSup038UC8r4F7R8MmvhYcBCNK6NVRL+S+1Bx4qXt4xH7wcBVsJ9b0Bydt4hcu3APa4b9DD4bw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 19 Jan 2024 01:29:36 GMT
QBkA9ZfAK-V.js
static.xx.fbcdn.net/rsrc.php/v3/ym/r/
41 KB
12 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/QBkA9ZfAK-V.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: grupoaurora.pe
URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
abaeab740ccfa1b4f2f39315d7a0b62f1061f76176d4852d163049ec72234b7d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://grupoaurora.pe/
Origin
https://grupoaurora.pe
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 09:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dxSBNxAoHpgvJ2qFBTqqRA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12436
x-fb-rlafr
0
x-fb-debug
rAyMoreW5uIyf15leNiymVPyJinNqm7n0BCbYZmFD3YHAhYtP28+JC8/iADRZGVZ+IuvTuauVXkD7/NckMpkhQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 18 Jan 2024 22:23:53 GMT
PKMVQj4LZST.js
static.xx.fbcdn.net/rsrc.php/v3/yU/r/
34 KB
10 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/PKMVQj4LZST.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: grupoaurora.pe
URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1c8f7a41ad8211ec42034c574446aaeed4d33cc1424de76639030a2c8dd1e818
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://grupoaurora.pe/
Origin
https://grupoaurora.pe
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 09:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9cjeTegIPhZ26LKZRhEV8w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10402
x-fb-rlafr
0
x-fb-debug
lt5U9B8TswcEpeNulwksVKYWIUGers1SK3Bj4uWGPeJo2xca7S+Mb35FR40ZH4fS9onh7OkCaL6Ps0PaAPnBYA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 18 Jan 2024 19:32:56 GMT
w-3OJOxUYMY.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/
22 KB
7 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/w-3OJOxUYMY.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: grupoaurora.pe
URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9369cfe626229f9f63885ae535e81a785dc6782eb804301f950d503cc98d297e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://grupoaurora.pe/
Origin
https://grupoaurora.pe
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 09:30:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
c6Cua9Drn7BBdEJPOdHUyw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7403
x-fb-rlafr
0
x-fb-debug
yhRW3jZxVCEyDr4jlCTMmFGcQ6E/IN+WwpR/IjAfeWG0w5P8CA5N+7r2R0xAkLgqoNwpe4t+bgmIZ372WjEizQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 11 Jan 2024 23:38:32 GMT
ENSponm7cFY.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/
14 KB
14 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/ENSponm7cFY.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/_uwl5ZHCZLG.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0dccdcf76b5b913f6bc771111aac36a38f2742badc410fe6fb3066f70b2b9ded
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/_uwl5ZHCZLG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 09:30:46 GMT
x-content-type-options
nosniff
content-md5
gt45gtXMuK/vnCZXiXB6mQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14142
x-fb-rlafr
0
x-fb-debug
kzqbw6jDo6xHnd19HnN/sRy9SoQxv4Ld3tYch6Yv4/l0HR0ksjhqUz9hygbnKiYrokuZiHwLva2VxLJK1FXUhg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 12 Jan 2024 18:04:26 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontentvisibilityautostatechange
  • function| envFlush
  • object| Env
  • number| __DEV__
  • undefined| MAX_CALLS_TO_EXEC
  • function| __annotator
  • function| __bodyWrapper
  • function| __t
  • function| __w
  • function| emptyFunction
  • function| FB_enumerate
  • function| __m
  • object| babelHelpers
  • function| define
  • function| require
  • function| importDefault
  • function| importNamespace
  • function| requireDynamic
  • function| requireLazy
  • object| __onBeforeModuleFactory
  • object| __onAfterModuleFactory
  • function| __d
  • function| $RefreshReg$
  • function| $RefreshSig$
  • function| getErrorSafe
  • object| ErrorGuard
  • object| ErrorSerializer
  • object| ErrorUtils
  • function| __updateOrientation
  • object| TimeSlice
  • number| __bigPipeFactory
  • function| now_inl
  • number| __bigPipeFR
  • number| __bigPipeCtor
  • object| bigPipe

0 Cookies

3 Console Messages

Source Level URL
Text
javascript warning URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Message:
The resource https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/PKMVQj4LZST.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Message:
The resource https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/QBkA9ZfAK-V.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://grupoaurora.pe/proyecto/malecon-acacias/login/facebook1.php
Message:
The resource https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/w-3OJOxUYMY.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.