msiwc.us
2606:4700:3035::6815:2c11
Malicious Activity!
Public Scan
Effective URL: https://msiwc.us/
Submission Tags: 0xscam
Submission: On March 23 via api from US — Scanned from US
Summary
TLS certificate: Issued by E1 on March 21st 2024. Valid for: 3 months.
This is the only time msiwc.us was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 2606:4700:3035::6815:2c11 | 13335 (CLOUDFLARENET) |
10 | 2a03:2880:f012:8:face:b00c:0:1 | 32934 (FACEBOOK) |
1 | 2606:4700:10::6816:4aab | 13335 (CLOUDFLARENET) |
12 | 4 | |
ASN32934 (FACEBOOK, US): static.xx.fbcdn.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | fbcdn.net | static.xx.fbcdn.net — Cisco Umbrella Rank: 820 | 186 KB |
1 | amung.us | whos.amung.us — Cisco Umbrella Rank: 11675 | 31 B |
1 | msiwc.us | msiwc.us | 17 KB |
12 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
10 | static.xx.fbcdn.net | msiwc.us, static.xx.fbcdn.net |
1 | whos.amung.us | msiwc.us |
1 | msiwc.us | |
12 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
facebook.com |
about.meta.com |
messenger.com |
m.facebook.com |
pay.facebook.com |
www.meta.com |
lm.facebook.com |
www.threads.net |
developers.facebook.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
msiwc.us | E1 | 2024-03-21 - 2024-06-19 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-12-31 - 2024-03-30 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-06-11 - 2024-06-09 | a year |
This page contains 1 frames:
Primary Page:
https://msiwc.us/
Frame ID: 283E89E41AB61844102CB17EA927FFD6
Requests: 13 HTTP requests in this frame
23 Outgoing links
These are links going to different origins than the main page.
Title: Create new account
Title: Français (France)
Title: About
Title: Help
Title: Messenger
Title: Facebook Lite
Title: Video
Title: Places
Title: Games
Title: Marketplace
Title: Meta Pay
Title: Meta Store
Title: Meta Quest
Title: Imagine with Meta AI
Title: Instagram
Title: Threads
Title: Fundraisers
Title: Services
Title: Developers
Title: Careers
Title: Privacy Policy
Title: Privacy Center
Title: Groups
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / (Primary Request) | msiwc.us/ | 48 KB | 17 KB | Document | text/html |
GET H2 | EisOd2erRe7.css | static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,cross/ | 35 KB | 9 KB | Stylesheet | text/css |
GET H2 | JzdyzVzX5Z2.css | static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ | 15 KB | 4 KB | Stylesheet | text/css |
GET H2 | FW2JmrHk6oK.css | static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ | 9 KB | 3 KB | Stylesheet | text/css |
GET H2 | Rjq6dcDs-mk.css | static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ | 6 KB | 2 KB | Stylesheet | text/css |
GET H2 | I-ivGlfq1ff.js | static.xx.fbcdn.net/rsrc.php/v3/ym/r/ | 277 KB | 74 KB | Script | application/x-javascript |
GET H2 | 4lCu2zih0ca.svg | static.xx.fbcdn.net/rsrc.php/y1/r/ | 2 KB | 2 KB | Image | image/svg+xml |
GET H2 | O3tPsz0t54e.js | static.xx.fbcdn.net/rsrc.php/v3/yU/r/ | 36 KB | 11 KB | Script | application/x-javascript |
GET H2 | oo2mKkWvbxU.js | static.xx.fbcdn.net/rsrc.php/v3iczx4/yH/l/en_US/ | 225 KB | 58 KB | Script | application/x-javascript |
GET H3 | vkjqlpV0ylW.js | static.xx.fbcdn.net/rsrc.php/v3/yP/r/ | 68 KB | 20 KB | Script | application/x-javascript |
GET H2 | / | whos.amung.us/pingjs/ | 31 B | 31 B | Image | text/javascript |
GET H2 | tjuCtNBjbJe.png | static.xx.fbcdn.net/rsrc.php/v3/yc/r/ | 3 KB | 3 KB | Image | image/png |
GET DATA | truncated | / | 43 B | 0 | Image | image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| toIntegerOrInfinity undefined| MAX_CALLS_TO_EXEC function| __annotator function| __bodyWrapper function| __t function| __w number| __DEV__ function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| requireInterop function| importDefault function| importNamespace function| requireDynamic function| requireLazy object| __onBeforeModuleFactory object| __onAfterModuleFactory function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| validarFormulario function| __updateOrientation object| Env object| TimeSlice number| __bigPipeFactory function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe string| _script_path function| __fbNativeSetTimeout function| __fbNativeClearTimeout function| __fbNativeSetInterval function| __fbNativeClearInterval function| __fbNativeRequestAnimationFrame function| __fbNativeCancelAnimationFrame
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
msiwc.us/ | | Name: _subid Value: kp8ip727hl |
msiwc.us/ | | Name: 7c27c Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEzXCI6MTcxMTE2MTkzOX0sXCJjYW1wYWlnbnNcIjp7XCIxXCI6MTcxMTE2MTkzOX0sXCJ0aW1lXCI6MTcxMTE2MTkzOX0ifQ.hsnB_x9Y6sQbPsMqAzOKu_fvYrD0OcXSlkOyqAg7mNs |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
msiwc.us
static.xx.fbcdn.net
whos.amung.us
2606:4700:10::6816:4aab
2606:4700:3035::6815:2c11
2a03:2880:f012:8:face:b00c:0:1