This webpage uses fake facebook login button to phish the victim account, the passwords can be seen on passwords.php, you must host this on a real Apache web server to see the magic.
And yes you can host this on a free server, and it does not get traced down by the automated phishing page detector :)
This is purely for the educational purposes and is not intended to hurt anyone