lb5grafica.com
Open in
urlscan Pro
209.191.185.188
Malicious Activity!
Public Scan
Effective URL: https://lb5grafica.com/images/footer/office/phpnet.php?code=2000700
Submission: On April 20 via manual from PH
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 11th 2018. Valid for: 3 months.
This is the only time lb5grafica.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Excel / PDF download (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 104.20.219.42 104.20.219.42 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 6 | 209.191.185.188 209.191.185.188 | 14744 (INTERNAP-...) (INTERNAP-BLOCK-4 - Internap Network Services Corporation) | |
2 | 216.58.214.106 216.58.214.106 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 172.217.22.35 172.217.22.35 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
9 | 4 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
tinyurl.com |
ASN14744 (INTERNAP-BLOCK-4 - Internap Network Services Corporation, US)
PTR: vps.bleu-si.com
lb5grafica.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s05-in-f106.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f35.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
lb5grafica.com
1 redirects
lb5grafica.com |
192 KB |
2 |
googleapis.com
fonts.googleapis.com |
604 B |
1 |
gstatic.com
fonts.gstatic.com |
18 KB |
1 |
tinyurl.com
1 redirects
tinyurl.com |
440 B |
0 |
cloudflare.com
Failed
cdnjs.cloudflare.com Failed |
|
9 | 5 |
Domain | Requested by | |
---|---|---|
6 | lb5grafica.com |
1 redirects
lb5grafica.com
|
2 | fonts.googleapis.com |
lb5grafica.com
|
1 | fonts.gstatic.com |
lb5grafica.com
|
1 | tinyurl.com | 1 redirects |
0 | cdnjs.cloudflare.com Failed |
lb5grafica.com
|
9 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
lb5grafica.com cPanel, Inc. Certification Authority |
2018-03-11 - 2018-06-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://lb5grafica.com/images/footer/office/phpnet.php?code=2000700
Frame ID: 8E35316DF1F3272669CCD493EB4BC97F
Requests: 9 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://tinyurl.com/y8lp7x8u
HTTP 301
https://lb5grafica.com/images/footer/office/up.php HTTP 302
https://lb5grafica.com/images/footer/office/phpnet.php?code=2000700 Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://tinyurl.com/y8lp7x8u
HTTP 301
https://lb5grafica.com/images/footer/office/up.php HTTP 302
https://lb5grafica.com/images/footer/office/phpnet.php?code=2000700 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
phpnet.php
lb5grafica.com/images/footer/office/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
css
fonts.googleapis.com/ |
242 B 302 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
lb5grafica.com/images/footer/office/css/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pdf.png
lb5grafica.com/images/footer/office/im/ |
153 KB 153 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
lb5grafica.com/images/footer/office/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
css
fonts.googleapis.com/ |
242 B 302 B |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg.png
lb5grafica.com/images/footer/office/css/im/ |
32 KB 32 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
mem8YaGs126MiZpBA-UFVZ0e.ttf
fonts.gstatic.com/s/opensans/v15/ |
26 KB 18 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cdnjs.cloudflare.com
- URL
- http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Excel / PDF download (Online)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| validateForm1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
lb5grafica.com/ | Name: PHPSESSID Value: 2b7e5b6d943c0d05d53f62346ddfe6a0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
lb5grafica.com
tinyurl.com
cdnjs.cloudflare.com
104.20.219.42
172.217.22.35
209.191.185.188
216.58.214.106
927658fe940c899225567ad7885c40a7871dee09c2b9f00d31f7ca62d1f424fc
9616c60b8bf84feffdfc9eaf8649b3e7004a25d5e8ba06fb5d56c93aec1c861c
b0e973362319c8a65d6960c37d26771dd67e5777116361f3cf1d8697e7401f59
b340f8680f0d4d6983c5c7aacaa68f7d0bdfab44923f2bf2fca8a438795cd278
f61ad3ff1f89b0cac1a52cd1ff2b64057c9b9b371a000e63a7bc2cd4259655c7
f61f1be268ad277e7ef194b08b85500dafb5e6077d1cfbb8abc4d51c598f61e8