lenta-big.icu
51.38.237.208
Malicious Activity!
Public Scan
Submission: On June 12 via automatic, source phishtank
Summary
This is the only time lenta-big.icu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 51.38.237.208 | 16276 (OVH) |
3 4 | 185.60.216.35 | 32934 (FACEBOOK - Facebook) |
7 | 185.60.216.38 | 32934 (FACEBOOK - Facebook) |
1 | 185.60.216.19 | 32934 (FACEBOOK - Facebook) |
10 | 4 | |
 | Apex Domain Subdomains | Transfer |
---|---|---|
9 | facebook.com (1 redirects): facebook.com, www.facebook.com | 118 KB |
1 | facebook.net: connect.facebook.net | 256 B |
1 | fbsbx.com (1 redirects): fbsbx.com | 142 B |
1 | fbcdn.net (1 redirects): fbcdn.net | 328 B |
1 | lenta-big.icu: lenta-big.icu | 4 KB |
10 | 5 | |
 | Domain | Requested by |
---|---|---|
7 | www.facebook.com | lenta-big.icu |
2 | facebook.com (1 redirects) | lenta-big.icu |
1 | connect.facebook.net | lenta-big.icu |
1 | fbsbx.com | 1 redirects |
1 | fbcdn.net | 1 redirects |
1 | lenta-big.icu | |
10 | 6 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
messenger.com |
l.facebook.com |
developers.facebook.com |
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://lenta-big.icu/HZhp3vLo4S/
Frame ID: B3B0CEF97B3A36DCBFDD8D889F56089E
Requests: 10 HTTP requests in this frame
6 Outgoing links
These are links going to different origins than the main page.
Title: Forgot account? (Забыли аккаунт?)
Title: Messenger
Title: Moments
Title: Instagram
Title: For developers (Разработчикам)
Title: Ad Choices (Выбор рекламы)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7
- https://facebook.com/security/hsts-pixel.gif?c=3.2.5 HTTP 302
- https://fbcdn.net/security/hsts-pixel.gif?c=2.5 HTTP 302
- https://fbsbx.com/security/hsts-pixel.gif?c=5 HTTP 302
- https://connect.facebook.net/security/hsts-pixel.gif
10 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | Primary Request / lenta-big.icu/HZhp3vLo4S/ | 15 KB 4 KB | Document text/html |
GET S | aMvoFEFPqA0.css facebook.com/rsrc.php/v3/yg/l/0,cross/ | 165 KB 47 KB | Stylesheet text/css |
GET S | VIm2onE0pTo.css www.facebook.com/rsrc.php/v3/yd/l/0,cross/ | 233 KB 41 KB | Stylesheet text/css |
GET S | ynzgKigiNBX.css www.facebook.com/rsrc.php/v3/yW/l/0,cross/ | 5 KB 3 KB | Stylesheet text/css |
GET S | BtTHwZ8OEcT.css www.facebook.com/rsrc.php/v3/yv/l/0,cross/ | 39 KB 8 KB | Stylesheet text/css |
GET S | kUKNxxqIY4F.css www.facebook.com/rsrc.php/v3/yM/l/0,cross/ | 12 KB 4 KB | Stylesheet text/css |
GET S | aW8NMqThJO4.css www.facebook.com/rsrc.php/v3/y4/l/0,cross/ | 50 KB 9 KB | Stylesheet text/css |
GET S | CbSByzuCCJ4.css www.facebook.com/rsrc.php/v3/yZ/l/0,cross/ | 29 KB 7 KB | Stylesheet text/css |
GET S | hsts-pixel.gif connect.facebook.net/security/ (Redirect Chain) | 43 B 256 B | Image image/gif |
GET S | O7nelmd9XSI.png www.facebook.com/rsrc.php/v3/yU/r/ | 95 B 432 B | Image image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.