Overview

URL facebook-login.oclsale.com
IP 46.21.147.252
ASN AS35017 Swiftway Sp. z o.o.
Location Netherlands
Report completed 2018-01-18 22:14:34 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-01-18 2 facebook-login.oclsale.com/ Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 46.21.147.252

Date  UQ / IDS / BL  URL  IP
2018-02-21 17:59:12 +0100  0 - 0 - 0  craigslist.check-review-online.com/  46.21.147.252
2018-02-21 14:46:26 +0100  0 - 0 - 0  directairdelivery.com/hsbcbank/register.php  46.21.147.252
2018-02-20 17:10:32 +0100  0 - 0 - 0  46.21.147.252  46.21.147.252
2018-02-15 23:28:42 +0100  0 - 0 - 0  craigslist.org.check-auth.org/  46.21.147.252
2018-02-15 19:17:23 +0100  0 - 0 - 1  craigslist.check-auth.org/  46.21.147.252
2018-02-07 22:48:31 +0100  0 - 0 - 0  craigslist.account-process.com  46.21.147.252
2018-01-29 10:06:16 +0100  0 - 0 - 0  www.best-plans.biz/Management_Center/Home/  46.21.147.252
2018-01-27 22:00:47 +0100  0 - 0 - 0  facebook-security.oclsale.com/  46.21.147.252
2018-01-24 01:10:42 +0100  0 - 0 - 0  www.ohiequipment.com/  46.21.147.252
2018-01-24 01:07:00 +0100  0 - 0 - 0  www.ohiequipment.com/  46.21.147.252

Last 10 reports on ASN: AS35017 Swiftway Sp. z o.o.

Date  UQ / IDS / BL  URL  IP
2018-02-23 10:08:12 +0100  0 - 0 - 0  asd.rincoauto.com/asd  46.21.153.86
2018-02-23 09:45:50 +0100  0 - 0 - 0  asd.rincoauto.com/asd  46.21.153.86
2018-02-22 18:36:16 +0100  0 - 0 - 0  jamioza.com/beioas/senterac/cibc/bank/  37.72.171.98
2018-02-22 09:29:26 +0100  0 - 0 - 0  barclaysbn.com  37.72.171.98
2018-02-22 09:24:34 +0100  0 - 0 - 0  barclay-bn.com  37.72.171.98
2018-02-21 18:38:54 +0100  0 - 0 - 0  static.castto.me/m-assets/m.js?proxy=wss://ca (...)  89.233.106.178
2018-02-21 17:59:12 +0100  0 - 0 - 0  craigslist.check-review-online.com/  46.21.147.252
2018-02-21 14:46:26 +0100  0 - 0 - 0  directairdelivery.com/hsbcbank/register.php  46.21.147.252
2018-02-20 17:10:32 +0100  0 - 0 - 0  46.21.147.252  46.21.147.252
2018-02-20 15:21:23 +0100  0 - 0 - 0  vk8hhc7ujs.castlemedicolegal.com/pfjcxeqgr5  46.21.153.83

No other reports on domain: oclsale.com



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (10)


Request Response
                                        
GET / HTTP/1.1
Host: facebook-login.oclsale.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
46.21.147.252
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 1147
Date: Thu, 18 Jan 2018 21:20:34 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Location: http://facebook.chwsc.com.au/
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1147
Md5:    13211bbb7a0b02d21338bf6009996fec
Sha1:   afb3bb17cec670e672daffe609058ad863b26be4
Sha256: bd1b7a943ccfa2d9a9cea6aaee3ecb66f3db4a292ac31e7edae2794653cf7b7c

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET / HTTP/1.1
Host: facebook.chwsc.com.au
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
27.121.64.112
HTTP/1.1 200 OK
Content-Type: text/html
Date: Thu, 18 Jan 2018 21:20:35 GMT
Server: Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Last-Modified: Thu, 18 Jan 2018 16:40:06 GMT
Etag: "341487-12dee0-5630f9dc4bb0a"
Accept-Ranges: bytes
Content-Length: 1236704
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1236704
Md5:    1e4f6a50f7132ea271ccf35abb9c43c8
Sha1:   884191aff3517da5a958db3fe628bc3b70003df5
Sha256: cccdc450525b814f8807af9f08e7915f030e3d86bc96698396c50e9404501d39
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=172800
Date: Thu, 18 Jan 2018 21:20:45 GMT
Etag: "5a60c357-1d7"
Expires: Sat, 20 Jan 2018 21:20:45 GMT
Last-Modified: Thu, 18 Jan 2018 15:55:03 GMT
Server: ECS (arn/4694)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    ec2fbfd96660d70b84dde4e367fa9e5b
Sha1:   f11c95e7e84be4ba7de7be551df6748a534e4be5
Sha256: 6c41d1f2979292f15a67494049c6629737a02b932d0736f3ab3a6f0e1d51e574
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=172800
Date: Thu, 18 Jan 2018 21:20:45 GMT
Etag: "5a60d9a0-1d7"
Expires: Sat, 20 Jan 2018 21:20:45 GMT
Last-Modified: Thu, 18 Jan 2018 17:30:08 GMT
Server: ECS (arn/459B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    300532093abe1ebd8f672ea7ccf8b1ab
Sha1:   8138f94bf23df63e09c1e32c51c250eadf5a606b
Sha256: 36e4e2aa2712c98db19bf3e7f58910ff2568ae5608c3e994b9ffbd645e52b3b3
                                        
GET /rsrc.php/v3/y-/r/Geb2ucamE4k.js HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://facebook.chwsc.com.au/

                                         
157.240.18.19
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
x-fatal-request: static.xx.fbcdn.net
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
timing-allow-origin: *
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Cache-Control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.facebook.com/csp.php
X-FB-Debug: wuqST2LXB5CclaFBcmviV1BLSWBo/bum1rsEnlkyOL5+duSb5PGV7JFVEUEZ66BPuVe/SmVUHCf6CEm2aAG2CQ==
Date: Thu, 18 Jan 2018 21:20:46 GMT
Connection: keep-alive
Content-Length: 0


--- Additional Info ---
                                        
GET /rsrc.php/v3ia7q4/yu/l/fr_FR/pBYEwhIStl6.js HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://facebook.chwsc.com.au/

                                         
157.240.18.19
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
x-fatal-request: static.xx.fbcdn.net
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
timing-allow-origin: *
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Cache-Control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
X-FB-Debug: IXXV3/iw6Yp3rOfMLiCEymyf2GHwRWyctgj44vLfVHZpV95uwNXYEmvMdaAElOOLRF4fQI2AwnI8gKXKZRYJ1w==
Date: Thu, 18 Jan 2018 21:20:46 GMT
Connection: keep-alive
Content-Length: 0


--- Additional Info ---
                                        
GET /rsrc.php/v3if1h4/y2/l/fr_FR/eTjyy1sq5Pb.js HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://facebook.chwsc.com.au/

                                         
157.240.18.19
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
x-fatal-request: static.xx.fbcdn.net
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
timing-allow-origin: *
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Cache-Control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
X-FB-Debug: tQM0N2dbWU9nEhZQbCFRsp8fqP6awmY9EdysniQcvVG4nHRjyQuN0mnj8TvHebTDaZZiK6tfHH9HtsJUI29BMg==
Date: Thu, 18 Jan 2018 21:20:46 GMT
Connection: keep-alive
Content-Length: 0


--- Additional Info ---
                                        
GET /rsrc.php/v3/yv/r/ZEHQe8_eAh6.js HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://facebook.chwsc.com.au/

                                         
157.240.18.19
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
x-fatal-request: static.xx.fbcdn.net
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
timing-allow-origin: *
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Cache-Control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
X-FB-Debug: fhwlKk7W4cT+W3IerUDm1lxX0praqK7kxYwsA5a/aEGNf3xIkzAwYmzbRopfXgE5zzgFfkHwFelbSUzetmKWAw==
Date: Thu, 18 Jan 2018 21:20:46 GMT
Connection: keep-alive
Content-Length: 0


--- Additional Info ---
                                        
GET /rsrc.php/v3/yS/r/j4g5goKSDpw.js HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://facebook.chwsc.com.au/

                                         
157.240.18.19
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
x-fatal-request: static.xx.fbcdn.net
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
timing-allow-origin: *
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Cache-Control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
X-FB-Debug: u+CwmstnvaAAB8RcNg4H+SU/Q1uRifmypCe99g9hJAFii75IB83rAjM2P7PhXIR+Wu1U5lx6oYTpiWYPfLFkBg==
Date: Thu, 18 Jan 2018 21:20:46 GMT
Connection: keep-alive
Content-Length: 0


--- Additional Info ---
                                        
GET /rsrc.php/v3/y-/r/Geb2ucamE4k.js HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://facebook.chwsc.com.au/

                                         
157.240.18.19
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
x-fatal-request: static.xx.fbcdn.net
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
timing-allow-origin: *
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Cache-Control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
X-FB-Debug: FoKUFqFaqRLMTSgWzFFHBKCMivSjoMCFDIBQo+Ujh1NiSQNQEf/IkXQrHQs2lfhdaPiZH1ZX75PWyGbWy7l5yw==
Date: Thu, 18 Jan 2018 21:20:46 GMT
Connection: keep-alive
Content-Length: 0


--- Additional Info ---