es-la.facebook.com.https.s1.gvirabi.com Open in urlscan Pro
188.129.143.42  Malicious Activity! Public Scan

URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Submission Tags: @ipnigh
Submission: On November 15 via api from GB

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 188.129.143.42, located in Tbilisi, Georgia and belongs to MAGTICOMAS Caucasus-Online, GE. The main domain is es-la.facebook.com.https.s1.gvirabi.com.
This is the only time es-la.facebook.com.https.s1.gvirabi.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
19 188.129.143.42 16010 (MAGTICOMA...)
19 1
Domain Requested by
14 static.xx.fbcdn.net.https.s1.gvirabi.com es-la.facebook.com.https.s1.gvirabi.com
4 es-la.facebook.com.https.s1.gvirabi.com es-la.facebook.com.https.s1.gvirabi.com
1 facebook.com.https.s1.gvirabi.com es-la.facebook.com.https.s1.gvirabi.com
19 3
Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Frame ID: 4D54874C8311885F6A1E5C077CDF3B7F
Requests: 19 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js/i

Page Statistics

19
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

1
IPs

1
Countries

285 kB
Transfer

967 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request GB
es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/
78 KB
22 KB
Document
General
Full URL
http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
b122c60ceeb03760879ef27ce634b910d04de41590ee85e30fe1f5666db07fe3

Request headers

Host
es-la.facebook.com.https.s1.gvirabi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx/1.7.6
Date
Fri, 15 Nov 2019 12:39:17 GMT
Content-Type
text/html; charset="utf-8"
Transfer-Encoding
chunked
Connection
keep-alive
vary
Accept-Encoding
x-fb-debug
AE2FwJrrh6tqxhHYZyUeXu7yqFg4jvQYt510a07wrr3NEauTFcLPiQdqauqFXKg0trKHIoKzyFlQqNmeaRvKJQ==
alt-svc
h3-23=":443"; ma=3600
access-control-allow-origin
*
content-encoding
gzip
gvirabi-script.js
es-la.facebook.com.https.s1.gvirabi.com/
7 KB
7 KB
Script
General
Full URL
http://es-la.facebook.com.https.s1.gvirabi.com/gvirabi-script.js?11
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
0526735d377488409ca28aec58e61a1dd60f2c20ad65e7026152b80ee932be4b

Request headers

Referer
http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 Nov 2019 12:39:17 GMT
Cache-Control
public, max-age=2592000
Server
nginx/1.7.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
gvirabi-xml-hr-trap.js
es-la.facebook.com.https.s1.gvirabi.com/
1021 B
1 KB
Script
General
Full URL
http://es-la.facebook.com.https.s1.gvirabi.com/gvirabi-xml-hr-trap.js?3
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
591a67e3c5f84519d3f43a0090c273798d3d32dc44d28df35e592ccc6b5442e2

Request headers

Referer
http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 Nov 2019 12:39:17 GMT
Cache-Control
public, max-age=2592000
Server
nginx/1.7.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
gvirabi-plugins.js
es-la.facebook.com.https.s1.gvirabi.com/
409 B
628 B
Script
General
Full URL
http://es-la.facebook.com.https.s1.gvirabi.com/gvirabi-plugins.js?1
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
c77fa14e27510dcd5492ae49ccddced75a0e6bceac09683cc5206e65548fa09a

Request headers

Referer
http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 Nov 2019 12:39:17 GMT
Cache-Control
public, max-age=2592000
Server
nginx/1.7.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
oqCwDc5XAY3.css
static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yZ/l/0,cross/
17 KB
5 KB
Stylesheet
General
Full URL
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yZ/l/0,cross/oqCwDc5XAY3.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
d2b422ca1d0c56fde88bad383e1e4ba3298479c9915ed184a99e3ebe4eaf3ef5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://es-la.facebook.com.https.s1.gvirabi.com/
Origin
http://es-la.facebook.com.https.s1.gvirabi.com

Response headers

Date
Fri, 15 Nov 2019 12:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
7m/O/CehYBz6yYmszVgLHA==
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-fb-debug
uQYx12U3HgdOsRrZXLv2l10LsYiIn1F1m/Y29dD22IB/UKY4FZz4c6poL0JoY9O/cDX2hfxs5MbImFWSfqlu0g==
x-fb-trip-id
420120009
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
Server
nginx/1.7.6
vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 08 Nov 2020 17:16:55 GMT
vyCbKSTwaCf.css
static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/ym/l/0,cross/
210 KB
42 KB
Stylesheet
General
Full URL
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/ym/l/0,cross/vyCbKSTwaCf.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
ff55f4883e77d92c6dd6493789da150ca0e4fc7119dc78aa80605f6e0182efbd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://es-la.facebook.com.https.s1.gvirabi.com/
Origin
http://es-la.facebook.com.https.s1.gvirabi.com

Response headers

Date
Fri, 15 Nov 2019 12:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
R0sP4Ql+GIjGskcI4Cu+yQ==
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-fb-debug
KIBvrkrVEWa1pp9jLRhgO0akSytctKTHNKz2yf9sbEyFeQyMCSat94bbCTltXpV5SQoCmCo7US8BYYxBeDn2IA==
x-fb-trip-id
420120009
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
Server
nginx/1.7.6
vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 14 Nov 2020 03:38:08 GMT
QJog_XP4NXI.css
static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yn/l/0,cross/
124 KB
25 KB
Stylesheet
General
Full URL
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yn/l/0,cross/QJog_XP4NXI.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
9325a5749efcac59daeeba89de3d848f421bf5475a56371c4222ef9c257012b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://es-la.facebook.com.https.s1.gvirabi.com/
Origin
http://es-la.facebook.com.https.s1.gvirabi.com

Response headers

Date
Fri, 15 Nov 2019 12:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
suIKCmi9/WlQUjT3GbBEDw==
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-fb-debug
JqNKeKxmM7xnlItW3bVxjOfkvL7JkSO5ywEO6iOtD7kgIxNHrrPg7UwELb4MBqGetwB33LTGFN1KQfaJByadmA==
x-fb-trip-id
420120009
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
Server
nginx/1.7.6
vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 13 Nov 2020 18:56:35 GMT
al6LVsM0zi2.css
static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yZ/l/0,cross/
23 KB
6 KB
Stylesheet
General
Full URL
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yZ/l/0,cross/al6LVsM0zi2.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
210f45657403bbbddb8deae48db761b89ea623565a0ac433ed58a24ca18ae4f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://es-la.facebook.com.https.s1.gvirabi.com/
Origin
http://es-la.facebook.com.https.s1.gvirabi.com

Response headers

Date
Fri, 15 Nov 2019 12:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
RA6abAwnlIco3pe1b3npUQ==
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-fb-debug
UaQ1TJwM1tjLEfBkPhw4RaalIWaRCOJbDtDp0q6Xii8abdYz1GiNbV7dLQQ72FItbddOZZs77jETzx0lH5wREw==
x-fb-trip-id
420120009
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
Server
nginx/1.7.6
vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 13 Nov 2020 17:02:32 GMT
j8LwCnKx3HC.css
static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yo/l/0,cross/
33 KB
9 KB
Stylesheet
General
Full URL
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yo/l/0,cross/j8LwCnKx3HC.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
4390d02e2d09423150622f2366e008828ad6b35d41bb20f1dd61b428322b5651
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://es-la.facebook.com.https.s1.gvirabi.com/
Origin
http://es-la.facebook.com.https.s1.gvirabi.com

Response headers

Date
Fri, 15 Nov 2019 12:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
0HaP7ldMiihPRFsA0rIrxQ==
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-fb-debug
Sel6AyyfKRjRD6Y6WyMWTk1e+nYW67labeV5owZ96udGIGKG9meROBVdBHg75q36EpSc5XRcZ7u5LftfMPPDKw==
x-fb-trip-id
2080452462
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
Server
nginx/1.7.6
vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 13 Nov 2020 17:42:05 GMT
KYHnbfNCbwD.css
static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yC/l/0,cross/
17 KB
5 KB
Stylesheet
General
Full URL
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yC/l/0,cross/KYHnbfNCbwD.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
2c874291409bfaa115a6c3eb21eac4e20cb2a1d7c2c2ec3fa4b3c628884da4b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://es-la.facebook.com.https.s1.gvirabi.com/
Origin
http://es-la.facebook.com.https.s1.gvirabi.com

Response headers

Date
Fri, 15 Nov 2019 12:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ha1Dwbgs9Ci16TnzzyaEew==
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-fb-debug
avUXFgtM2/NuLBiPizlLWlmSSZn0xfXn/AvFTLpOih6I/y6xV7WxNVfqa7+gqNiMUJS/vPUNm+Y5SkBUholoaQ==
x-fb-trip-id
420120009
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
Server
nginx/1.7.6
vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 12 Nov 2020 23:13:37 GMT
QjRFYVzZn13.css
static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yc/l/0,cross/
7 KB
3 KB
Stylesheet
General
Full URL
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yc/l/0,cross/QjRFYVzZn13.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
dddc2c3b580d28d5c372cdf2ca12408fe43c0527bdaf5cf0617fb55142ae21a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://es-la.facebook.com.https.s1.gvirabi.com/
Origin
http://es-la.facebook.com.https.s1.gvirabi.com

Response headers

Date
Fri, 15 Nov 2019 12:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
nljTxUsezBMrCN1oyfBsRA==
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-fb-debug
qBiJVD/gM41cr+vHahtPjOAr6XgAfIUVMqwFBcjrYom1lKLNQqnuMRUc3Ojhg2lsKJs247HPb1zbsvCW50LlqA==
x-fb-trip-id
420120009
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
Server
nginx/1.7.6
vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 13 Nov 2020 12:20:31 GMT
cAjFkGu1OZG.css
static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yd/l/0,cross/
28 KB
6 KB
Stylesheet
General
Full URL
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yd/l/0,cross/cAjFkGu1OZG.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
609691052a2bfcd4a3b2c81a68ae438f55c296265fe5bb5f04022d45008c21af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://es-la.facebook.com.https.s1.gvirabi.com/
Origin
http://es-la.facebook.com.https.s1.gvirabi.com

Response headers

Date
Fri, 15 Nov 2019 12:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
pnVak09IrxFrVxKBbjANAQ==
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-fb-debug
zuQ3Cs5wXw4kz7rjVB5drKtNq+rxO28ZzhsO0ZcIS9TaGgduieUhp+SQeob+B1kwREjtAXwDCXPIRvLb8Sqz3g==
x-fb-trip-id
420120009
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
Server
nginx/1.7.6
vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 13 Nov 2020 02:51:51 GMT
PZJHjML2mfA.css
static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yE/l/0,cross/
54 KB
8 KB
Stylesheet
General
Full URL
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yE/l/0,cross/PZJHjML2mfA.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
348ced376b567016c05f661705da9c04740118c0049020eefec374df6a54f68b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://es-la.facebook.com.https.s1.gvirabi.com/
Origin
http://es-la.facebook.com.https.s1.gvirabi.com

Response headers

Date
Fri, 15 Nov 2019 12:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
MfYOwCA552vd67tu8+2M1A==
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-fb-debug
eRqj0nVX9WNNSei0v8TqkeWzFD49Jej1aYynWj112OqE4lUw6wGlVu6ERyHWtgjwkNWK6aDIFI8fm7onUVAi/g==
x-fb-trip-id
420120009
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
Server
nginx/1.7.6
vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 12 Nov 2020 14:53:30 GMT
TWZsUxnJ5RX.js
static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yl/r/
313 KB
90 KB
Script
General
Full URL
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yl/r/TWZsUxnJ5RX.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
cb6b759c1e933da374dea7b4457c8538d535f6664e371fdd6e7bd58eae07855e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://es-la.facebook.com.https.s1.gvirabi.com/
Origin
http://es-la.facebook.com.https.s1.gvirabi.com

Response headers

Date
Fri, 15 Nov 2019 12:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
NbJ3N5Sz7iHZPZSIrgJqHw==
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-fb-debug
Sgb1hXwxrAadVtuLczeqORTOMxUenDCXQmb/XtP0uMGsGCUhv1WF47U0zosENh2EAgVFxF8dQ+xFegXxAqzqSA==
x-fb-trip-id
420120009
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
Server
nginx/1.7.6
vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 14 Nov 2020 03:31:18 GMT
hsts-pixel.gif
facebook.com.https.s1.gvirabi.com/security/
43 B
778 B
Image
General
Full URL
http://facebook.com.https.s1.gvirabi.com/security/hsts-pixel.gif
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://es-la.facebook.com.https.s1.gvirabi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 Nov 2019 12:39:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
yCf43uJjQgdWa/KXog2VorPuUNiZcS3n6qYTclh8k9u1Alz8EjO7mghMxXo9U2+Gtl1HECSQyuFI9DBeuM75ug==
Server
nginx/1.7.6
x-frame-options
DENY
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
Content-Type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
Cr1tUkGjkGT.png
static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/y-/r/
20 KB
20 KB
Image
General
Full URL
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/y-/r/Cr1tUkGjkGT.png
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
7987ae58c5ed85944c78ab0e8fec4b28ce0f6342dce138b90c50a5c9d17eec53
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yn/l/0,cross/QJog_XP4NXI.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 Nov 2019 12:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
itkqMXUAr+oQjlx3KLhEaA==
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-fb-debug
IN1fa8xCQjgNeNH2PkBWNmH3C959ZC46BlkZizA9EAfykdVPfRn9Itequ3MtsO1GcvqM36XfX/XWiskykA/DCg==
x-fb-trip-id
2080452462
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
Server
nginx/1.7.6
Content-Type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 08 Nov 2020 19:07:46 GMT
WSDMLDlOPv5.png
static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/y3/r/
13 KB
12 KB
Image
General
Full URL
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/y3/r/WSDMLDlOPv5.png
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
dd98ee1693a29e4e6f8cbf67cfcd5cc377037dfebecc5747be7c477c38ca75ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yn/l/0,cross/QJog_XP4NXI.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 Nov 2019 12:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
wKsw9c3O9pI/02s42xX5TA==
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-fb-debug
n292xaY2wD4eGS/5UI6gf2V/uJLN+6irAXbWqWmmL3VlJHaKLoVacBGF5wynRxJn8SuWXH7iHBlltdtm1UQ/hQ==
x-fb-trip-id
420120009
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
Server
nginx/1.7.6
Content-Type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 11 Nov 2020 02:54:40 GMT
rxJptIl2lI5.png
static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yl/r/
6 KB
7 KB
Image
General
Full URL
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yl/r/rxJptIl2lI5.png
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
3024eef2410f00c3a4ba157ae825088f9e62205e9060744e02a7e01847823d76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yo/l/0,cross/j8LwCnKx3HC.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 Nov 2019 12:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
v2ZsVfqewsxxgJlmEwoPvw==
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-fb-debug
QVcSKFDRl01QRFffi4U6D0t33I5+Yb21Z2c2s88Gp4PFNZM2yJ6ZcOka7rG0utrNQYtGkH2EgcUtAbqC2QSk/A==
x-fb-trip-id
420120009
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
Server
nginx/1.7.6
Content-Type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 13 Nov 2020 13:52:18 GMT
stjVApjtcnX.png
static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yM/r/
16 KB
16 KB
Image
General
Full URL
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yM/r/stjVApjtcnX.png
Requested by
Host: es-la.facebook.com.https.s1.gvirabi.com
URL: http://es-la.facebook.com.https.s1.gvirabi.com/marketplace/directory/GB
Protocol
HTTP/1.1
Server
188.129.143.42 Tbilisi, Georgia, ASN16010 (MAGTICOMAS Caucasus-Online, GE),
Reverse DNS
host-188-129-143-42.customer.magticom.ge
Software
nginx/1.7.6 /
Resource Hash
595812e6502b0f19bd63d025a424b01d3c22d3c9cb5eef0c4c6ae85ac0c639ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://static.xx.fbcdn.net.https.s1.gvirabi.com/rsrc.php/v3/yn/l/0,cross/QJog_XP4NXI.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 Nov 2019 12:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
96VtZMg1NbZvgeDXN9bNcQ==
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-23=":443"; ma=3600
x-fb-debug
X6N4AaEsg+YZSTB+QzL2LnQ+eT/hbOiI9U/ali9xGH39+gB9gcHyVkhcTEpwA/TkJlBORnM+qjtD+oj/xEGIMQ==
x-fb-trip-id
420120009
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
Server
nginx/1.7.6
Content-Type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 08 Nov 2020 12:34:52 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Gvirabi object| xmlHrLoadCallbacks object| XmlHrTrap number| _cstart function| envFlush object| Env number| __DEV__ function| CavalryLogger

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

es-la.facebook.com.https.s1.gvirabi.com
facebook.com.https.s1.gvirabi.com
static.xx.fbcdn.net.https.s1.gvirabi.com
188.129.143.42
0526735d377488409ca28aec58e61a1dd60f2c20ad65e7026152b80ee932be4b
210f45657403bbbddb8deae48db761b89ea623565a0ac433ed58a24ca18ae4f1
2c874291409bfaa115a6c3eb21eac4e20cb2a1d7c2c2ec3fa4b3c628884da4b3
3024eef2410f00c3a4ba157ae825088f9e62205e9060744e02a7e01847823d76
348ced376b567016c05f661705da9c04740118c0049020eefec374df6a54f68b
4390d02e2d09423150622f2366e008828ad6b35d41bb20f1dd61b428322b5651
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
591a67e3c5f84519d3f43a0090c273798d3d32dc44d28df35e592ccc6b5442e2
595812e6502b0f19bd63d025a424b01d3c22d3c9cb5eef0c4c6ae85ac0c639ab
609691052a2bfcd4a3b2c81a68ae438f55c296265fe5bb5f04022d45008c21af
7987ae58c5ed85944c78ab0e8fec4b28ce0f6342dce138b90c50a5c9d17eec53
9325a5749efcac59daeeba89de3d848f421bf5475a56371c4222ef9c257012b6
b122c60ceeb03760879ef27ce634b910d04de41590ee85e30fe1f5666db07fe3
c77fa14e27510dcd5492ae49ccddced75a0e6bceac09683cc5206e65548fa09a
cb6b759c1e933da374dea7b4457c8538d535f6664e371fdd6e7bd58eae07855e
d2b422ca1d0c56fde88bad383e1e4ba3298479c9915ed184a99e3ebe4eaf3ef5
dd98ee1693a29e4e6f8cbf67cfcd5cc377037dfebecc5747be7c477c38ca75ad
dddc2c3b580d28d5c372cdf2ca12408fe43c0527bdaf5cf0617fb55142ae21a7
ff55f4883e77d92c6dd6493789da150ca0e4fc7119dc78aa80605f6e0182efbd