lcs24.polfirms.by Open in urlscan Pro
2a0a:7d80:1:7::109:1e1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lcs24.polfirms.by/
Submission Tags: phishingrod
Submission: On July 01 via api (July 1st 2023, 8:38:02 am UTC) from DE — Scanned from DE

Summary HTTP 91 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 8 domains to perform 91 HTTP transactions. The main IP is 2a0a:7d80:1:7::109:1e1, located in Minsk, Belarus and belongs to BELPAK-AS BELPAK, BY. The main domain is lcs24.polfirms.by.
TLS certificate: Issued by R3 on May 3rd 2023. Valid for: 3 months.

This is the only time lcs24.polfirms.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
55	2a0a:7d80:1:7... 2a0a:7d80:1:7::109:1e1	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2 7	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
91	12

55 2a0a:7d80:1:7::109:1e1 (Minsk, Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)

lcs24.polfirms.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 95.163.52.67 (Russian Federation) 2 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	polfirms.by lcs24.polfirms.by	1 MB
14	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 433 maps.googleapis.com — Cisco Umbrella Rank: 399	313 KB
7	mail.ru 2 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 8455	21 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 978 syndication.twitter.com — Cisco Umbrella Rank: 1152	150 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	281 KB
2	gstatic.com maps.gstatic.com	61 KB
1	google.com www.google.com — Cisco Umbrella Rank: 10	2 KB
91	8

	Domain	Requested by
55	lcs24.polfirms.by	lcs24.polfirms.by
13	maps.googleapis.com	lcs24.polfirms.by maps.googleapis.com www.google.com
7	top-fwz1.mail.ru	2 redirects lcs24.polfirms.by top-fwz1.mail.ru
4	platform.twitter.com	lcs24.polfirms.by platform.twitter.com
4	www.googletagmanager.com	lcs24.polfirms.by www.googletagmanager.com
2	syndication.twitter.com	platform.twitter.com
2	maps.gstatic.com	www.google.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.com	lcs24.polfirms.by
1	ajax.googleapis.com	lcs24.polfirms.by
91	11

This site contains links to these domains. Also see Links.

Domain
facebook.com
goo.gl
vkontakte.ru
pinterest.com
twitter.com
lcs24.polfirms.pl
lcs24.polfirms.com
lcs24.polfirms.de
lcs24.polfirms.it
lcs24.polfirms.es
lcs24.polfirms.fr
lcs24.polfirms.cz
lcs24.polfirms.sk
lcs24.polfirms.lt
lcs24.polfirms.ro
lcs24.polfirms.hu
lcs24.polfirms.ru
lcs24.polfirms.com.ua
lcs24.polfirms.kz
lcs24.polfirms.se
lcs24.polfirms.lv
lcs24.polfirms.ge
www.lcs24.pl
aktru.pl
polfirms.pl
top.mail.ru
aktru.business.site

Subject Issuer	Validity	Valid
lcs24.polfirms.by R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://lcs24.polfirms.by/
Frame ID: 38FD04B1F7AA399F3EB56F5F2AAE99B4
Requests: 74 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d2326.9236340767093!2d18.588399016391808!3d54.32298140880821!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x46fd7406a2c35897%3A0xc93cbca5496bb8be!2sLcs%20Sp.%20z%20o.o.!5e0!3m2!1spl!2spl!4v1636032782216!5m2!1spl!2spl
Frame ID: 760F55095C7BA78980616F2892B5AAC5
Requests: 15 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Flcs24.polfirms.by
Frame ID: 37C95BEBBA500062785D0FE15D76CFA0
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 5F33E12BA95201B897541F9BDB366B2A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

кольцы Palla Białeckiego кампаненты ўпакоўкі інфузійных трубкі Польскі