update-check-fb.my1.ru
195.216.243.36
Malicious Activity!
Public Scan
Submission: On February 09 via automatic, source phishtank
Summary
This is the only time update-check-fb.my1.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)

Domain & IP information
| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 2 | 195.216.243.36 | 29226 (MASTERTEL-AS Moscow) |
| 15 | 2a03:2880:f11c:8083:face:b00c:0:25de | 32934 (FACEBOOK - Facebook) |
| 17 | 3 | |
ASN29226 (MASTERTEL-AS Moscow, Russia, RU)
PTR: s36.ucoz.net
update-check-fb.my1.ru

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 15 | facebook.com | www.facebook.com | 161 KB |
| 2 | my1.ru | update-check-fb.my1.ru | 28 KB |
| 17 | 2 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 15 | www.facebook.com | update-check-fb.my1.ru, www.facebook.com |
| 2 | update-check-fb.my1.ru | www.facebook.com |
| 17 | 2 | |
This site contains links to these domains. Also see Links.

| Domain |
|---|
| www.facebook.com |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2016-12-09 - 2018-01-25 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
http://update-check-fb.my1.ru/support.html
Frame ID: 10188.1
Requests: 18 HTTP requests in this frame
1 outgoing link
These are links going to different origins than the main page.
Title: Facebook
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | support.html (Primary Request) | update-check-fb.my1.ru/ | 102 KB | 25 KB | Document | text/html |
| GET | H2 | CrBwA6awfpq.css | www.facebook.com/rsrc.php/v3/y1/r/ | 42 KB | 8 KB | Stylesheet | text/css |
| GET | H2 | pcn5kcy2Wu3.css | www.facebook.com/rsrc.php/v3/y6/r/ | 6 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | nLJkGexeJ5t.css | www.facebook.com/rsrc.php/v3/yx/r/ | 11 KB | 3 KB | Stylesheet | text/css |
| GET | H2 | gUcZZLwutIG.css | www.facebook.com/rsrc.php/v3/ya/r/ | 43 KB | 8 KB | Stylesheet | text/css |
| GET | H2 | Uz1_cNSYvZK.js | www.facebook.com/rsrc.php/v3/yy/r/ | 165 KB | 42 KB | Script | application/x-javascript |
| GET | H2 | 81mGaCLzC3W.png | www.facebook.com/rsrc.php/v3/yT/r/ | 17 KB | 17 KB | Image | image/png |
| GET | H2 | s3OmliaAHHx.png | www.facebook.com/rsrc.php/v3/yA/r/ | 3 KB | 3 KB | Image | image/png |
| GET | DATA | truncated | / | 74 B | 0 | Stylesheet | text/css |
| GET | H2 | O7nelmd9XSI.png | www.facebook.com/rsrc.php/v3/yU/r/ | 95 B | 104 B | Image | image/png |
| GET | H2 | scjiB3cn4g0.js | www.facebook.com/rsrc.php/v3iWxT4/yH/l/en_GB/ | 196 KB | 45 KB | Script | application/x-javascript |
| GET | H2 | BwhLfJGBavX.js | www.facebook.com/rsrc.php/v3/yx/r/ | 15 KB | 5 KB | Script | application/x-javascript |
| GET | H2 | VRRdhgO5aYh.js | www.facebook.com/rsrc.php/v3ixzs4/yr/l/en_GB/ | 28 KB | 9 KB | Script | application/x-javascript |
| GET | H2 | nDLFpTYYMj4.js | www.facebook.com/rsrc.php/v3/yt/r/ | 35 KB | 10 KB | Script | application/x-javascript |
| GET | H2 | J_PiaUdj5PI.js | www.facebook.com/rsrc.php/v3/yi/r/ | 8 KB | 2 KB | Script | application/x-javascript |
| GET | H2 | DN4t_pZoRuF.js | www.facebook.com/rsrc.php/v3/yI/r/ | 50 KB | 7 KB | Script | application/x-javascript |
| GET | H2 | -PAXP-deijE.gif | www.facebook.com/rsrc.php/v3/y4/r/ | 43 B | 52 B | Image | image/gif |
| POST | H/1.1 | bz | update-check-fb.my1.ru/ajax/ | 7 KB | 3 KB | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)

0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| .update-check-fb.my1.ru/ | | _js_reg_fb_ref | https%3A%2F%2Fwww.facebook.com%2Flogin.php%3Fnext%3Dhttps%253A%252F%252Fwww.facebook.com%252Fhome.php |
| .update-check-fb.my1.ru/ | | _js_datr | B117WP78rOCVtqCG83EFAwH5 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
update-check-fb.my1.ru
www.facebook.com
195.216.243.36
2a03:2880:f11c:8083:face:b00c:0:25de