lbnlbysola.temp.swtest.ru
Open in
urlscan Pro
77.222.40.7
Malicious Activity!
Public Scan
Effective URL: http://lbnlbysola.temp.swtest.ru/particulier/identification.html
Submission: On July 01 via manual from US
Summary
This is the only time lbnlbysola.temp.swtest.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banque Postale (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 5.63.10.206 5.63.10.206 | 57497 (FARASOSAM...) (FARASOSAMANEHPASARGAD) | |
21 | 77.222.40.7 77.222.40.7 | 44112 (SWEB-AS) (SWEB-AS) | |
1 | 54.235.190.106 54.235.190.106 | 14618 (AMAZON-AES) (AMAZON-AES) | |
22 | 2 |
ASN57497 (FARASOSAMANEHPASARGAD, IR)
PTR: tehran.bpanel.xyz
beyb.ir |
ASN44112 (SWEB-AS, RU)
PTR: vh290.sweb.ru
lbnlbysola.temp.swtest.ru |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-190-106.compute-1.amazonaws.com
api.ipify.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
swtest.ru
lbnlbysola.temp.swtest.ru |
1 MB |
1 |
ipify.org
api.ipify.org |
250 B |
1 |
beyb.ir
1 redirects
beyb.ir |
334 B |
22 | 3 |
Domain | Requested by | |
---|---|---|
21 | lbnlbysola.temp.swtest.ru |
lbnlbysola.temp.swtest.ru
|
1 | api.ipify.org |
lbnlbysola.temp.swtest.ru
|
1 | beyb.ir | 1 redirects |
22 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.ipify.org Sectigo RSA Domain Validation Secure Server CA |
2021-01-19 - 2022-02-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://lbnlbysola.temp.swtest.ru/particulier/identification.html
Frame ID: DCBBEE7E008D899A50563B1D617EDFA4
Requests: 22 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://beyb.ir/uoklM
HTTP 301
http://lbnlbysola.temp.swtest.ru/particulier/identification.html Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://beyb.ir/uoklM
HTTP 301
http://lbnlbysola.temp.swtest.ru/particulier/identification.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
identification.html
lbnlbysola.temp.swtest.ru/particulier/ Redirect Chain
|
16 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
lbnlbysola.temp.swtest.ru/particulier/assets/css/ |
152 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
helpers.css
lbnlbysola.temp.swtest.ru/particulier/assets/css/ |
41 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
lbnlbysola.temp.swtest.ru/particulier/assets/css/ |
2 KB 636 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
lbnlbysola.temp.swtest.ru/particulier/assets/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top-header-left.png
lbnlbysola.temp.swtest.ru/particulier/assets/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top-header-left2.png
lbnlbysola.temp.swtest.ru/particulier/assets/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top-header-right.png
lbnlbysola.temp.swtest.ru/particulier/assets/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header-left.png
lbnlbysola.temp.swtest.ru/particulier/assets/images/ |
13 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
lbnlbysola.temp.swtest.ru/particulier/assets/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header-right.png
lbnlbysola.temp.swtest.ru/particulier/assets/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header-right2.png
lbnlbysola.temp.swtest.ru/particulier/assets/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header-right3.png
lbnlbysola.temp.swtest.ru/particulier/assets/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footer.png
lbnlbysola.temp.swtest.ru/particulier/assets/images/ |
52 KB 52 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
lbnlbysola.temp.swtest.ru/particulier/assets/js/ |
86 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
popper.js
lbnlbysola.temp.swtest.ru/particulier/assets/js/ |
20 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
secure-asterisk.ttf
lbnlbysola.temp.swtest.ru/particulier/assets/fonts/ |
52 KB 3 KB |
Script
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.js
lbnlbysola.temp.swtest.ru/particulier/assets/js/ |
133 KB 25 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome.js
lbnlbysola.temp.swtest.ru/particulier/assets/js/ |
1 MB 378 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
lbnlbysola.temp.swtest.ru/particulier/assets/js/ |
2 KB 884 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
content.png
lbnlbysola.temp.swtest.ru/particulier/assets/images/ |
451 KB 451 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
api.ipify.org/ |
66 B 250 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banque Postale (Banking)22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Popper object| bootstrap object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome boolean| isShift string| seperator string| dash function| cc_date function| date_of_birth string| ip function| sendMail function| redirect0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.ipify.org
beyb.ir
lbnlbysola.temp.swtest.ru
5.63.10.206
54.235.190.106
77.222.40.7
004c0d90d64d9266498f39a020a0a6fe4110b94f8447daea5b1373d3e7934aad
0d0f01f9e93de65341a2bc276f5c37b439bb360a3c9470b21548fc54e4a1abdb
1f9377003bc272c331e409b9728910c86b21ea717bbd45a128dfb22c9f322f17
21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58
37a288f0c7a73fecda634b2262ba8d7c23953e2268aa9a6dabc21955b5a174e9
387f1794c17dee4f44dc6bc96ad7dd835706cc3f2e30bea841f626f583abb4b0
5b6cd7b81854519965959d1549226e565a77de441a694df48579868348513d21
5bb399100f821a7bada7a8faa36de1e64dd19bcde8854eb9980b5b07cb74de1c
6485f454bae479e9e556ac912a9bfeee8619437989c5ff4423b3d5d6e8e5e209
8f7220fde4861e61d5d1f84538771bf385a161f5889476028a61341ac01875d0
9ef50da3e9123a1ffe663024f3f2282cbd04646680e1d7bf3468617a6d326dd3
a4592a42945beac4574095cb95f96f482116e2076a20f1ef8629a6021a643f6a
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
c83e6ec9b5ceece6db819192b3f6f877fc64296b1ed27ec5b53cc5c4d86f8ab4
c96109fef3e6ae0c4dffe3fcc9026352c44a2147b9fd2c4d6e08d32cdcf2641f
d73bea9406631c38d4e2ececd4531cd7522c7edf81b57d08caf074654a5e1569
dc76d1d3963947047b414b58209d235ff6e36043fe66514606a260a8c3d96cb0
e26c38a3728f3a679433b2600ef2a97112736716609ba8a1eae9cd885cb21f75
f0f02c834c71eff3c9dbc749f81ea8be9c213326a6908e7b80a7da9cba637ae3
f209ec1d94d89a8fa9cdadffa82ac9f6bb696687d21caaf0a15007199fdbcbfc