www.webfacebooklogin.dlsimmo.com
Open in
urlscan Pro
91.121.36.36
Malicious Activity!
Public Scan
Effective URL: https://www.webfacebooklogin.dlsimmo.com/web.facebook.com/login/device-based/regular/login/index.html
Submission: On July 14 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 14th 2019. Valid for: 3 months.
This is the only time www.webfacebooklogin.dlsimmo.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 91.121.36.36 91.121.36.36 | 16276 (OVH) (OVH) | |
13 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
22 | 3 |
ASN32934 (FACEBOOK - Facebook, Inc., US)
static.xx.fbcdn.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
fbcdn.net
static.xx.fbcdn.net |
147 KB |
9 |
dlsimmo.com
www.webfacebooklogin.dlsimmo.com |
491 KB |
22 | 2 |
Domain | Requested by | |
---|---|---|
13 | static.xx.fbcdn.net |
www.webfacebooklogin.dlsimmo.com
|
9 | www.webfacebooklogin.dlsimmo.com |
www.webfacebooklogin.dlsimmo.com
|
22 | 2 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
webfacebooklogin.dlsimmo.com cPanel, Inc. Certification Authority |
2019-07-14 - 2019-10-12 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-06-06 - 2019-09-04 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.webfacebooklogin.dlsimmo.com/web.facebook.com/login/device-based/regular/login/index.html
Frame ID: B5824FFF5513867D846AA2C4E70BC07E
Requests: 24 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://www.webfacebooklogin.dlsimmo.com/ Page URL
- https://www.webfacebooklogin.dlsimmo.com/web.facebook.com/login/device-based/regular/login/index.html Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Page Statistics
45 Outgoing links
These are links going to different origins than the main page.
Title: Facebook
Search URL Search Domain Scan URL
Title: Créer un compte
Search URL Search Domain Scan URL
Title: Informations de compte oubliées ?
Search URL Search Domain Scan URL
Title: Créer un compte
Search URL Search Domain Scan URL
Title: العربية
Search URL Search Domain Scan URL
Title: Español
Search URL Search Domain Scan URL
Title: Deutsch
Search URL Search Domain Scan URL
Title: עברית
Search URL Search Domain Scan URL
Title: Italiano
Search URL Search Domain Scan URL
Title: Português (Brasil)
Search URL Search Domain Scan URL
Title: हिन्दी
Search URL Search Domain Scan URL
Title: 中文(简体)
Search URL Search Domain Scan URL
Title: 日本語
Search URL Search Domain Scan URL
Title: Inscription
Search URL Search Domain Scan URL
Title: Connexion
Search URL Search Domain Scan URL
Title: Messenger
Search URL Search Domain Scan URL
Title: Facebook Lite
Search URL Search Domain Scan URL
Title: Personnes
Search URL Search Domain Scan URL
Title: Profils
Search URL Search Domain Scan URL
Title: Pages
Search URL Search Domain Scan URL
Title: Catégories de Page
Search URL Search Domain Scan URL
Title: Évènements
Search URL Search Domain Scan URL
Title: Lieux
Search URL Search Domain Scan URL
Title: Jeux
Search URL Search Domain Scan URL
Title: Lieux
Search URL Search Domain Scan URL
Title: Marketplace
Search URL Search Domain Scan URL
Title: Groupes
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Local
Search URL Search Domain Scan URL
Title: Collectes de fonds
Search URL Search Domain Scan URL
Title: Services
Search URL Search Domain Scan URL
Title: À propos
Search URL Search Domain Scan URL
Title: Créer une publicité
Search URL Search Domain Scan URL
Title: Créer une Page
Search URL Search Domain Scan URL
Title: Développeurs
Search URL Search Domain Scan URL
Title: Emplois
Search URL Search Domain Scan URL
Title: Confidentialité
Search URL Search Domain Scan URL
Title: Cookies
Search URL Search Domain Scan URL
Title: Choisir sa pub
Search URL Search Domain Scan URL
Title: Conditions générales
Search URL Search Domain Scan URL
Title: Sécurité du compte
Search URL Search Domain Scan URL
Title: Aide à la connexion
Search URL Search Domain Scan URL
Title: Aide
Search URL Search Domain Scan URL
Title: Paramètres
Search URL Search Domain Scan URL
Title: Historique personnel
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.webfacebooklogin.dlsimmo.com/ Page URL
- https://www.webfacebooklogin.dlsimmo.com/web.facebook.com/login/device-based/regular/login/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
www.webfacebooklogin.dlsimmo.com/ |
341 B 583 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
index.html
www.webfacebooklogin.dlsimmo.com/web.facebook.com/login/device-based/regular/login/ |
82 KB 83 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zz1fUigP71w.css
www.webfacebooklogin.dlsimmo.com/static.xx.fbcdn.net/rsrc.php/v3/y2/l/0%2ccross/ |
37 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Osmqs4nWiHI.css
www.webfacebooklogin.dlsimmo.com/static.xx.fbcdn.net/rsrc.php/v3/yw/l/0%2ccross/ |
48 KB 48 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Mk-KdM-uEPp.css
www.webfacebooklogin.dlsimmo.com/static.xx.fbcdn.net/rsrc.php/v3/ys/l/0%2ccross/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8OOzGIXLZHT.js
www.webfacebooklogin.dlsimmo.com/static.xx.fbcdn.net/rsrc.php/v3/yO/r/ |
314 KB 314 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hsts-pixel.gif
www.webfacebooklogin.dlsimmo.com/connect.facebook.net/security/ |
43 B 283 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
v-I8id9vo8m.png
www.webfacebooklogin.dlsimmo.com/static.xx.fbcdn.net/rsrc.php/v3/yo/r/ |
369 B 369 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
YQNfPR9MJfx.png
www.webfacebooklogin.dlsimmo.com/static.xx.fbcdn.net/rsrc.php/v3/yO/r/ |
925 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
0 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
74 B 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
YMWjM_1GaJj.js
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ |
2 KB 928 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wKMUBF-Kyrb.js
static.xx.fbcdn.net/rsrc.php/v3iTOp4/yJ/l/fr_FR/ |
99 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
D55GG0eJO96.js
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ |
19 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8N7sn_givXL.js
static.xx.fbcdn.net/rsrc.php/v3i0Eg4/yJ/l/fr_FR/ |
17 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4kxFgkersL9.js
static.xx.fbcdn.net/rsrc.php/v3iI254/yO/l/fr_FR/ |
37 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
57NmxUmkkei.js
static.xx.fbcdn.net/rsrc.php/v3i4Jo4/y9/l/fr_FR/ |
30 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2g-8yWE9GmZ.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ |
64 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
-MnrZiUtsJq.js
static.xx.fbcdn.net/rsrc.php/v3i7Sx4/yh/l/fr_FR/ |
39 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gfbqVnwENyN.js
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_zZSr0e73-N.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ |
137 KB 37 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t3sKK-LSJWQ.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ |
47 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Z8EQISeovCH.js
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ |
47 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v4WgC_pJT9B.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask number| _cstart function| envFlush object| Env number| __DEV__ function| CavalryLogger undefined| __p function| emptyFunction function| __annotator function| __bodyWrapper function| __t function| __w function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireDynamic function| requireLazy function| __d object| ErrorUtils object| TimeSlice function| Arbiter object| JSCC function| $ function| ge object| Parent object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| wait_for_load function| goURI object| Bootloader function| ProfilingCounters function| $E object| domreadyhooks object| onloadhooks function| __logBigPipePageletRootStatus string| _script_path object| bigPipe object| onunloadhooks object| onbeforeunloadhooks object| __FB_STORE1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.webfacebooklogin.dlsimmo.com/web.facebook.com/login/device-based/regular/login | Name: _js_datr Value: mGgrXcwteC-bwHOEYl7jF8-S |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
static.xx.fbcdn.net
www.webfacebooklogin.dlsimmo.com
2a03:2880:f01c:8012:face:b00c:0:3
91.121.36.36
0a7ce171d1a0a2067dfffad802684e787a025bccdb54a715d4bef950abf6334d
0b8cfa19d04ce7a8d78b91126eed0bcb008861e55918e738746bda60462c590e
303e13318cc605838d68bef88467ef381440737f7ff897b8d1e8e6b5bf5b1985
33185240036db424a757ac38b5c01132e84984e9f3d08269b0229278f32dd987
39eb8d472d6e68aa17182120241c5a15d5660cd74c1fbe4931d794b0ef64c973
3a6c23297841e90b552e03982572665a8f8b341e72eee125de0476ad6ef4b98f
53543506b16bc244244b5107e45245f94378eebe76c909266042816bfd57d49f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c81dd5ec6433bd73d756e20063cc7b34c3c6b01fdbf69baced90a853c689373
64ddbf77a4a469f1157d7a3f6ded4fe83b703612550472798a4cf7a4333710ff
6fbabf2d40da0dab0c0dafc9b311543eea3e41bc2c68a80109a0a1129eef9804
7f6c4996d4e0cb1ad6350a0aface1b9700788a59d9ed613bda11e46d09a9ae1e
85f54e6250e5ab5f5dffa885e92140700a858852d86997233d4b599634149d6d
8627d83666e5f29db4f5ddfba459bf17a542a4b20569815b8055223dbe6d3f75
9c694562a8a772bf57b552274690ba377e722fdfb0e6c5814e7b8ead0d435cf0
9fcfb88d29bb985e97bb095b8ab25f9eff36934759c8a3b0dec53a0cdd1f6099
a01808b8a2d6e28821f87b2b3bf59abfb34c2aa9050ecd6ba212d3c2c8f28538
b3b578fb91a521174c4c277262d9ae09734c12eff24141bdfab1221684bddb1a
c66ece55becaf8143954f5f875c3ac5d8317bfae6769346786834324fd3285d7
cc2f7c78099efbf412db0741c6d04c9912cb020e283123a1230fbb405e8361ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60e1c170d239ef8628c55986ae1b8e68239665363c6355cfc03336718bc2d7f
e7a139dbb691a2d398c5ec5a39670560eb94af12622d8a8a0eea4cf9e898c786
f52d5c3ed789c4159987032dd0f087b339326cc746dad3eaa2cf01e779aba1e3