samufoodproducts.com
Open in
urlscan Pro
65.108.8.92
Malicious Activity!
Public Scan
Submission: On February 02 via api from US — Scanned from US
Summary
This is the only time samufoodproducts.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: M&T Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 65.108.8.92 65.108.8.92 | 24940 (HETZNER-AS) (HETZNER-AS) | |
8 | 1 |
ASN24940 (HETZNER-AS, DE)
PTR: static.92.8.108.65.clients.your-server.de
samufoodproducts.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
samufoodproducts.com
samufoodproducts.com |
136 KB |
8 | 1 |
Domain | Requested by | |
---|---|---|
8 | samufoodproducts.com |
samufoodproducts.com
|
8 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/emsslv9082.php?s61y07eBvQ0sh430QehJ0XD94YvHTHfaMiL7bvt5OZJyPRZGHcRMhoXHyhng6RM0u6gpGYvYQd8ujAsc8YzgAoEqpS3rU2F3F5YS5EAau2LifZNTvY02ENflur3MKGrUgo9cCK5A6er3n7nWpWIj9buTwjsvU0MhMuhrwZDwBLfZg3LtidNuuHQvjfF5vmu0mYj0SJeN
Frame ID: 2529108EFE8CB799E119DBE6EC20D4F5
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
Secured SSL Email VerificationM&T BankDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
emsslv9082.php
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/ |
7 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/css/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jqueryLib.js
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/js/ |
85 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
actions.js
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/js/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo2.png
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img13.png
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img11.png
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img12.png
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: M&T Bank (Banking)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| $ function| jQuery function| numbersOnly function| digitsOnly function| allowedChars function| isOneOf object| input0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
samufoodproducts.com
65.108.8.92
3ff6bad244bd8091d25a729ac161165bee52b46a673380d55681ef9aa5e3dd60
437f9ffe9cb8b3419192a8a1b278cf4ecf0c46d40f0a12b40ae025115611999c
548fa7301a1233dec86d3d51d3769be93dc4026a090290e522fef14aed4b3a54
5d20b26580f3949318b3ae88ea9f8493f176b73d7aadad3cf2769658e5ef93d5
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
83b36251ba5de13f4d9d39097e70249293b82e6cdd4094e73d20a697e70d34fb
872ea5a39d23d5292d95a046f59b44e499da43cdcae856726aa8fbfbe580b89a
a65ff79f06ebb312bf0a22c116b05b2b5fd6a36dc91eac33f01cfe742d7ae985