aprescres.moy.su
Open in
urlscan Pro
213.174.157.150
Malicious Activity!
Public Scan
Submission: On June 19 via automatic, source phishtank
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 21st 2019. Valid for: 2 years.
This is the only time aprescres.moy.su was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 213.174.157.150 213.174.157.150 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
1 | 180.250.66.131 180.250.66.131 | 17974 (TELKOMNET...) (TELKOMNET-AS2-AP PT Telekomunikasi Indonesia) | |
11 | 2 |
ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: s101.ucoz.net
aprescres.moy.su |
ASN17974 (TELKOMNET-AS2-AP PT Telekomunikasi Indonesia, ID)
PTR: 131.subnet180-250-66.speedy.telkom.net.id
p02.notifa.info |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
moy.su
aprescres.moy.su |
53 KB |
1 |
notifa.info
p02.notifa.info |
993 B |
11 | 2 |
Domain | Requested by | |
---|---|---|
10 | aprescres.moy.su |
aprescres.moy.su
|
1 | p02.notifa.info |
aprescres.moy.su
|
11 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.help-account-n8ds4t.cf |
www.000webhost.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.moy.su Sectigo RSA Domain Validation Secure Server CA |
2019-02-21 - 2021-02-20 |
2 years | crt.sh |
*.uzone.id COMODO RSA Domain Validation Secure Server CA |
2016-01-27 - 2019-01-26 |
3 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://aprescres.moy.su/page_recover.htm
Frame ID: 13ECEE45ED7D7548A53538F230560991
Requests: 11 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
Title: Have you forgotten your password?
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
page_recover.htm
aprescres.moy.su/ |
16 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
m.fb89sd9.css
aprescres.moy.su/ |
92 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
m.fb897f65y.css
aprescres.moy.su/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
IoU6C6Z1Eqy.js.download
aprescres.moy.su/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
request
aprescres.moy.su/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
F8n3WrEc0r.png
aprescres.moy.su/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hsts-pixel.gif
aprescres.moy.su/ |
43 B 374 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footer-powered-by-000webhost-white2.webp
aprescres.moy.su/ |
2 KB 2 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fb9hHvqMKNN.png
aprescres.moy.su/vimg/ |
7 KB 7 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Yw0RiQgp0g-.png
aprescres.moy.su/rsrc.php/v3/yT/r/ |
7 KB 7 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
request
p02.notifa.info/3fsmd3/ |
393 B 993 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| envFlush object| Env number| __DEV__ function| CavalryLogger function| __updateOrientation function| mousedwn function| netbro_cache_analytics function| sync function| requestCfs function| loadFrame0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aprescres.moy.su
p02.notifa.info
180.250.66.131
213.174.157.150
4bed72f44e8337fb4f0afe4e1567ba1a5cf11e6ca01d3d2d5ef286f46dbe5ad6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6dde702e7f67cea7518c5fc8c40f92f9a98109d995f5753851fcff16496a857e
82c3d06b01cbc3aee305004063648b0fd400faf77a6aa1974e0781b04b350190
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
91252e877e09c401110e603eaf0ff8eb78f7e38c1316db14f131fcb3f896bbb4
aa03983922acf6ace41158ff5f013edfd9dd838dd7a0c545dd1bb413c4d562b6
f0b1b29de07d2f831f4978036ded359f60063eeba22a2d50c66978f3ff896df4