www.onetechgenius.com.usrfiles.com Open in urlscan Pro
34.102.176.152  Malicious Activity! Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 3b1110_677083d48a67dd6ad5b939da8ac162ba.html Show response www.onetechgenius.com.usrfiles.com/html/	38 KB 39 KB	25ms 9ms	Document text/html	34.102.176.152 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Protocol HTTP/1.1 Server 34.102.176.152 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 152.176.102.34.bc.googleusercontent.com Software openresty/1.19.9.1 / Resource Hash 79dcb4ae4b3a6c5fed3d4e5b94983499c35645eb33fc96b4e9fad5e3a3eacbfe Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server openresty/1.19.9.1 Date Thu, 30 Dec 2021 21:11:15 GMT Content-Type text/html; charset=utf-8 Content-Length 38701 X-GUploader-UploadID ADPycdv6xbWCHFsgtXBJx0NW4-GXBbcR7NzmwPE2mTuUq2wB0XHWTdh9zGh5P-kFjYJjl9VptT1O6wVGVVeuil4kzL8 Expires Thu, 30 Dec 2021 21:50:41 GMT Last-Modified Tue, 28 Dec 2021 04:20:59 GMT ETag "677083d48a67dd6ad5b939da8ac162ba" x-goog-generation 1640665259892027 x-goog-metageneration 1 x-goog-stored-content-encoding identity x-goog-stored-content-length 38701 x-goog-hash crc32c=KhrJwQ== md5=Z3CD1Ipn3WrVuTnaisFiug== x-goog-storage-class STANDARD Accept-Ranges bytes Age 14897 Access-Control-Allow-Origin * Timing-Allow-Origin * X-Seen-By gcp.us-central-1.media-router-6c7795d8f6-cg65c Via 1.1 google Cache-Control public, max-age=15552000, immutable
GET H2	200	W2X-6ZR9PtT.css static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/	10 KB 3 KB	34ms 14ms	Stylesheet text/css	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/W2X-6ZR9PtT.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.onetechgenius.com.usrfiles.com URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f2f0271d63b39e2fd577d7f64694a9151d4b85a269de17687387bc70f5c7abbe Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://www.onetechgenius.com.usrfiles.com/ Origin http://www.onetechgenius.com.usrfiles.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 31 Dec 2021 01:19:32 GMT content-encoding br x-content-type-options nosniff content-md5 Quds0sXvoyED7T19IV/Frw== document-policy force-load-at-top content-security-policy-report-only default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 2372 x-fb-rlafr 0 x-fb-debug 6yXm9SlYS9PdAxZXJh2oJeUK9AWLgPr8qVDIN1Q8iMu0YApdmo7/qcUU2O3n+zpDYEDigIV/QlnQOS1MPHxcBQ== x-fb-trip-id 917726464 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Thu, 29 Dec 2022 23:41:27 GMT
GET H2	200	sTKJbKi2C-q.css static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/	14 KB 4 KB	27ms 8ms	Stylesheet text/css	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,cross/sTKJbKi2C-q.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.onetechgenius.com.usrfiles.com URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 38df9dfaede28e849bb3dfa46d936c11d356c01f0e002f224ad9ec7c9276a57f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://www.onetechgenius.com.usrfiles.com/ Origin http://www.onetechgenius.com.usrfiles.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 31 Dec 2021 01:19:32 GMT content-encoding br x-content-type-options nosniff content-md5 d5QDZRLRdGGhSv0SLbpcSQ== document-policy force-load-at-top content-security-policy-report-only default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 3216 x-fb-rlafr 0 x-fb-debug dBt8w0iyaqOpuZiObEpJ+6A+G2XjAfHNkfeG0NrphQL756Rl+AnFZ8uSS5C1qe5t3ILE4M0+Xl2UtYnXtMCxig== x-fb-trip-id 917726464 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * expires Fri, 23 Dec 2022 20:44:59 GMT
GET H2	200	Wtqz2G7ntRR.css static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/	41 KB 9 KB	32ms 13ms	Stylesheet text/css	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/Wtqz2G7ntRR.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.onetechgenius.com.usrfiles.com URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 42985b686d36d2c1c60ae3ccced2163b03a4f2ae2a2fb582509c6a4f85bdc870 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://www.onetechgenius.com.usrfiles.com/ Origin http://www.onetechgenius.com.usrfiles.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 31 Dec 2021 01:19:32 GMT content-encoding br x-content-type-options nosniff content-md5 DtoVnt3iQ33tI2lumgLDJQ== document-policy force-load-at-top content-security-policy-report-only default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 8853 x-fb-rlafr 0 x-fb-debug 2afL271EJTLLiq9D5Ih8TlULJ5odfc8jTI4jC7ksIrAx3iG3emt+115xdv1mJaMv0vWm10mXZGGL4529TrXQ4g== x-fb-trip-id 917726464 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Sat, 24 Dec 2022 17:56:24 GMT
GET H2	200	LWaXZhxyVqI.css static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,cross/	28 KB 8 KB	35ms 16ms	Stylesheet text/css	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,cross/LWaXZhxyVqI.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.onetechgenius.com.usrfiles.com URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d456f588cd9eca8eb772033ec370b68f26f5c46c48f350effcb7766fb95856ac Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://www.onetechgenius.com.usrfiles.com/ Origin http://www.onetechgenius.com.usrfiles.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Fri, 31 Dec 2021 01:19:32 GMT content-encoding br x-content-type-options nosniff content-md5 maWw6zjC2t9Dw0Fha8ngdg== document-policy force-load-at-top content-security-policy-report-only default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 7726 x-fb-rlafr 0 x-fb-debug v43Cbrw+nSYww8SBVq2cAJpjA8jhbhy17y3OLKA4BSNH9w6XyqBGxFkhBR9HTNS7Jt65j7945GXEiMRDY617Mg== x-fb-trip-id 917726464 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Fri, 30 Dec 2022 22:20:12 GMT
GET		sAcaU2FJdDD.js static.xx.fbcdn.net/rsrc.php/v3/yF/r/	0 0
GET H3	200	dF5SId3UHWd.svg static.xx.fbcdn.net/rsrc.php/y8/r/	2 KB 1 KB	18ms 8ms	Image image/svg+xml	2a03:2880:f02d:12:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://static.xx.fbcdn.net/rsrc.php/y8/r/dF5SId3UHWd.svg Requested by Host: www.onetechgenius.com.usrfiles.com URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce Security Headers Name Value Content-Security-Policy default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.onetechgenius.com.usrfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding br x-content-type-options nosniff content-md5 NiMA5zHIsmaYxSYEaw9fHg== document-policy force-load-at-top content-security-policy-report-only default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 1027 x-xss-protection 0 x-fb-debug xLOV6Ya2ySxfL7foFX5ON+v2d/HM843LXTGkzGiltbO8LROoXShrFtfstm+T1RVMqA+ZMKnERh11qfVVMcNi+A== last-modified Mon, 01 Jan 2001 08:00:00 GMT date Fri, 31 Dec 2021 01:19:32 GMT vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public,max-age=31536000,immutable x-fb-rlafr 0 timing-allow-origin * priority u=3,i expires Thu, 29 Dec 2022 22:47:57 GMT
GET H2	200	hsts-pixel.gif facebook.com/security/	43 B 3 KB	45ms 26ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://facebook.com/security/hsts-pixel.gif Requested by Host: www.onetechgenius.com.usrfiles.com URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://www.onetechgenius.com.usrfiles.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-encoding br x-content-type-options nosniff document-policy force-load-at-top content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 x-xss-protection 0 pragma no-cache x-fb-debug fYraH1Fyqi7E9y7595L3yPgP0ygBoTlECegYjN8N5gvUhgS0UOyJa6nkRX8zRZVUfRUxrB3UyN4aDsNoVbrrmw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" expires Sat, 01 Jan 2000 00:00:00 GMT cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Fri, 31 Dec 2021 01:19:33 GMT strict-transport-security max-age=15552000; includeSubDomains access-control-allow-methods OPTIONS content-type image/gif access-control-allow-origin * vary Origin, Accept-Encoding cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true x-fb-rlafr 0 access-control-expose-headers X-FB-Debug, X-Loader-Length
GET		SieMvexb4RV.css static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/	0 0
GET		ZFA2ZKi8_ij.js static.xx.fbcdn.net/rsrc.php/v3/yU/r/	0 0
GET		wgQtNFI9dU-.js static.xx.fbcdn.net/rsrc.php/v3ivXO4/yZ/l/es_LA/	0 0
GET		v-qA4RoF1Br.css static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/	0 0
GET		29KpN-SSjEW.js static.xx.fbcdn.net/rsrc.php/v3i0VU4/yb/l/es_LA/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

static.xx.fbcdn.net

URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/sAcaU2FJdDD.js?_nc_x=Ij3Wp8lg5Kz

Domain

static.xx.fbcdn.net

URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/SieMvexb4RV.css?_nc_x=Ij3Wp8lg5Kz

Domain

static.xx.fbcdn.net

URL

https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/ZFA2ZKi8_ij.js?_nc_x=Ij3Wp8lg5Kz

Domain

static.xx.fbcdn.net

URL

https://static.xx.fbcdn.net/rsrc.php/v3ivXO4/yZ/l/es_LA/wgQtNFI9dU-.js?_nc_x=Ij3Wp8lg5Kz

Domain

static.xx.fbcdn.net

URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/v-qA4RoF1Br.css?_nc_x=Ij3Wp8lg5Kz

Domain

static.xx.fbcdn.net

URL

https://static.xx.fbcdn.net/rsrc.php/v3i0VU4/yb/l/es_LA/29KpN-SSjEW.js?_nc_x=Ij3Wp8lg5Kz

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| regreso undefined| urlfin undefined| idfb undefined| detector undefined| lang string| enblanco object| myString object| myArray undefined| email string| ip undefined| uno undefined| dos undefined| tres undefined| cuatro undefined| cinco number| _DEV function| CavalryLogger function| updateOrientation

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Message: Access to script at 'https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/sAcaU2FJdDD.js?_nc_x=Ij3Wp8lg5Kz' from origin 'http://www.onetechgenius.com.usrfiles.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/sAcaU2FJdDD.js?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Message: Access to CSS stylesheet at 'https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/SieMvexb4RV.css?_nc_x=Ij3Wp8lg5Kz' from origin 'http://www.onetechgenius.com.usrfiles.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/SieMvexb4RV.css?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Message: Access to script at 'https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/ZFA2ZKi8_ij.js?_nc_x=Ij3Wp8lg5Kz' from origin 'http://www.onetechgenius.com.usrfiles.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/ZFA2ZKi8_ij.js?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Message: Access to script at 'https://static.xx.fbcdn.net/rsrc.php/v3ivXO4/yZ/l/es_LA/wgQtNFI9dU-.js?_nc_x=Ij3Wp8lg5Kz' from origin 'http://www.onetechgenius.com.usrfiles.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3ivXO4/yZ/l/es_LA/wgQtNFI9dU-.js?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Message: Access to CSS stylesheet at 'https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/v-qA4RoF1Br.css?_nc_x=Ij3Wp8lg5Kz' from origin 'http://www.onetechgenius.com.usrfiles.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/v-qA4RoF1Br.css?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Message: Access to script at 'https://static.xx.fbcdn.net/rsrc.php/v3i0VU4/yb/l/es_LA/29KpN-SSjEW.js?_nc_x=Ij3Wp8lg5Kz' from origin 'http://www.onetechgenius.com.usrfiles.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3i0VU4/yb/l/es_LA/29KpN-SSjEW.js?_nc_x=Ij3Wp8lg5Kz Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/v-qA4RoF1Br.css?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/SieMvexb4RV.css?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3ivXO4/yZ/l/es_LA/wgQtNFI9dU-.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3i0VU4/yb/l/es_LA/29KpN-SSjEW.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://www.onetechgenius.com.usrfiles.com/html/3b1110_677083d48a67dd6ad5b939da8ac162ba.html Message: The resource https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/ZFA2ZKi8_ij.js?_nc_x=Ij3Wp8lg5Kz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

facebook.com
static.xx.fbcdn.net
www.onetechgenius.com.usrfiles.com
static.xx.fbcdn.net
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.102.176.152
38df9dfaede28e849bb3dfa46d936c11d356c01f0e002f224ad9ec7c9276a57f
42985b686d36d2c1c60ae3ccced2163b03a4f2ae2a2fb582509c6a4f85bdc870
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
79dcb4ae4b3a6c5fed3d4e5b94983499c35645eb33fc96b4e9fad5e3a3eacbfe
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
d456f588cd9eca8eb772033ec370b68f26f5c46c48f350effcb7766fb95856ac
f2f0271d63b39e2fd577d7f64694a9151d4b85a269de17687387bc70f5c7abbe