samufoodproducts.com Open in urlscan Pro
65.108.8.92 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/emsslv9082.php?s61y07eBvQ0sh430QehJ0XD94YvHTHfaMiL7bvt5...
Submission: On February 02 via api (February 2nd 2023, 3:07:56 pm UTC) from US — Scanned from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 65.108.8.92, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is samufoodproducts.com.

This is the only time samufoodproducts.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: M&T Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
8	65.108.8.92 65.108.8.92		24940 (HETZNER-AS) (HETZNER-AS)
8	1

8 65.108.8.92 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.92.8.108.65.clients.your-server.de

samufoodproducts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	samufoodproducts.com samufoodproducts.com	136 KB
8	1

	Domain	Requested by
8	samufoodproducts.com	samufoodproducts.com
8	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/emsslv9082.php?s61y07eBvQ0sh430QehJ0XD94YvHTHfaMiL7bvt5OZJyPRZGHcRMhoXHyhng6RM0u6gpGYvYQd8ujAsc8YzgAoEqpS3rU2F3F5YS5EAau2LifZNTvY02ENflur3MKGrUgo9cCK5A6er3n7nWpWIj9buTwjsvU0MhMuhrwZDwBLfZg3LtidNuuHQvjfF5vmu0mYj0SJeN
Frame ID: 2529108EFE8CB799E119DBE6EC20D4F5
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Secured SSL Email VerificationM&T Bank

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

136 kB
Transfer

134 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request emsslv9082.php Show response samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/	7 KB 7 KB	225ms 124ms	Document text/html	65.108.8.92 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/emsslv9082.php?s61y07eBvQ0sh430QehJ0XD94YvHTHfaMiL7bvt5OZJyPRZGHcRMhoXHyhng6RM0u6gpGYvYQd8ujAsc8YzgAoEqpS3rU2F3F5YS5EAau2LifZNTvY02ENflur3MKGrUgo9cCK5A6er3n7nWpWIj9buTwjsvU0MhMuhrwZDwBLfZg3LtidNuuHQvjfF5vmu0mYj0SJeN Protocol HTTP/1.1 Server 65.108.8.92 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.92.8.108.65.clients.your-server.de Software Apache / PHP/7.4.24 Resource Hash `83b36251ba5de13f4d9d39097e70249293b82e6cdd4094e73d20a697e70d34fb` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Thu, 02 Feb 2023 15:07:47 GMT Keep-Alive timeout=3, max=100 Server Apache Transfer-Encoding chunked X-Powered-By PHP/7.4.24
GET H/1.1	200 OK	style.css samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/css/	8 KB 8 KB	100ms 96ms	Stylesheet text/css	65.108.8.92 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/css/style.css Requested by Host: samufoodproducts.com URL: http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/emsslv9082.php?s61y07eBvQ0sh430QehJ0XD94YvHTHfaMiL7bvt5OZJyPRZGHcRMhoXHyhng6RM0u6gpGYvYQd8ujAsc8YzgAoEqpS3rU2F3F5YS5EAau2LifZNTvY02ENflur3MKGrUgo9cCK5A6er3n7nWpWIj9buTwjsvU0MhMuhrwZDwBLfZg3LtidNuuHQvjfF5vmu0mYj0SJeN Protocol HTTP/1.1 Server 65.108.8.92 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.92.8.108.65.clients.your-server.de Software Apache / Resource Hash `a65ff79f06ebb312bf0a22c116b05b2b5fd6a36dc91eac33f01cfe742d7ae985` Request headers accept-language en-US,en;q=0.9 Referer http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/emsslv9082.php?s61y07eBvQ0sh430QehJ0XD94YvHTHfaMiL7bvt5OZJyPRZGHcRMhoXHyhng6RM0u6gpGYvYQd8ujAsc8YzgAoEqpS3rU2F3F5YS5EAau2LifZNTvY02ENflur3MKGrUgo9cCK5A6er3n7nWpWIj9buTwjsvU0MhMuhrwZDwBLfZg3LtidNuuHQvjfF5vmu0mYj0SJeN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Thu, 02 Feb 2023 15:07:47 GMT Last-Modified Fri, 09 Oct 2020 16:52:40 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=99 Content-Length 7845
GET H/1.1	200 OK	jqueryLib.js Show response samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/js/	85 KB 85 KB	196ms 98ms	Script application/javascript	65.108.8.92 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/js/jqueryLib.js Requested by Host: samufoodproducts.com URL: http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/emsslv9082.php?s61y07eBvQ0sh430QehJ0XD94YvHTHfaMiL7bvt5OZJyPRZGHcRMhoXHyhng6RM0u6gpGYvYQd8ujAsc8YzgAoEqpS3rU2F3F5YS5EAau2LifZNTvY02ENflur3MKGrUgo9cCK5A6er3n7nWpWIj9buTwjsvU0MhMuhrwZDwBLfZg3LtidNuuHQvjfF5vmu0mYj0SJeN Protocol HTTP/1.1 Server 65.108.8.92 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.92.8.108.65.clients.your-server.de Software Apache / Resource Hash `75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35` Request headers accept-language en-US,en;q=0.9 Referer http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/emsslv9082.php?s61y07eBvQ0sh430QehJ0XD94YvHTHfaMiL7bvt5OZJyPRZGHcRMhoXHyhng6RM0u6gpGYvYQd8ujAsc8YzgAoEqpS3rU2F3F5YS5EAau2LifZNTvY02ENflur3MKGrUgo9cCK5A6er3n7nWpWIj9buTwjsvU0MhMuhrwZDwBLfZg3LtidNuuHQvjfF5vmu0mYj0SJeN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Thu, 02 Feb 2023 15:07:47 GMT Last-Modified Fri, 09 Oct 2020 16:52:40 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=100 Content-Length 86663
GET H/1.1	200 OK	actions.js Show response samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/js/	1 KB 2 KB	195ms 97ms	Script application/javascript	65.108.8.92 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/js/actions.js Requested by Host: samufoodproducts.com URL: http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/emsslv9082.php?s61y07eBvQ0sh430QehJ0XD94YvHTHfaMiL7bvt5OZJyPRZGHcRMhoXHyhng6RM0u6gpGYvYQd8ujAsc8YzgAoEqpS3rU2F3F5YS5EAau2LifZNTvY02ENflur3MKGrUgo9cCK5A6er3n7nWpWIj9buTwjsvU0MhMuhrwZDwBLfZg3LtidNuuHQvjfF5vmu0mYj0SJeN Protocol HTTP/1.1 Server 65.108.8.92 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.92.8.108.65.clients.your-server.de Software Apache / Resource Hash `5d20b26580f3949318b3ae88ea9f8493f176b73d7aadad3cf2769658e5ef93d5` Request headers accept-language en-US,en;q=0.9 Referer http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/emsslv9082.php?s61y07eBvQ0sh430QehJ0XD94YvHTHfaMiL7bvt5OZJyPRZGHcRMhoXHyhng6RM0u6gpGYvYQd8ujAsc8YzgAoEqpS3rU2F3F5YS5EAau2LifZNTvY02ENflur3MKGrUgo9cCK5A6er3n7nWpWIj9buTwjsvU0MhMuhrwZDwBLfZg3LtidNuuHQvjfF5vmu0mYj0SJeN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Thu, 02 Feb 2023 15:07:47 GMT Last-Modified Fri, 09 Oct 2020 16:52:40 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=100 Content-Length 1422
GET H/1.1	200 OK	logo2.png samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/	5 KB 5 KB	102ms 100ms	Image image/png	65.108.8.92 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/logo2.png Requested by Host: samufoodproducts.com URL: http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/css/style.css Protocol HTTP/1.1 Server 65.108.8.92 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.92.8.108.65.clients.your-server.de Software Apache / Resource Hash `3ff6bad244bd8091d25a729ac161165bee52b46a673380d55681ef9aa5e3dd60` Request headers accept-language en-US,en;q=0.9 Referer http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Thu, 02 Feb 2023 15:07:47 GMT Last-Modified Fri, 09 Oct 2020 16:52:40 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=99 Content-Length 4861
GET H/1.1	200 OK	img13.png samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/	4 KB 4 KB	124ms 101ms	Image image/png	65.108.8.92 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/img13.png Requested by Host: samufoodproducts.com URL: http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/css/style.css Protocol HTTP/1.1 Server 65.108.8.92 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.92.8.108.65.clients.your-server.de Software Apache / Resource Hash `548fa7301a1233dec86d3d51d3769be93dc4026a090290e522fef14aed4b3a54` Request headers accept-language en-US,en;q=0.9 Referer http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Thu, 02 Feb 2023 15:07:47 GMT Last-Modified Fri, 09 Oct 2020 16:52:40 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=99 Content-Length 4130
GET H/1.1	200 OK	img11.png samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/	10 KB 10 KB	122ms 99ms	Image image/png	65.108.8.92 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/img11.png Requested by Host: samufoodproducts.com URL: http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/css/style.css Protocol HTTP/1.1 Server 65.108.8.92 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.92.8.108.65.clients.your-server.de Software Apache / Resource Hash `872ea5a39d23d5292d95a046f59b44e499da43cdcae856726aa8fbfbe580b89a` Request headers accept-language en-US,en;q=0.9 Referer http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Thu, 02 Feb 2023 15:07:47 GMT Last-Modified Fri, 09 Oct 2020 16:52:40 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=98 Content-Length 10479
GET H/1.1	200 OK	img12.png samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/	14 KB 15 KB	163ms 99ms	Image image/png	65.108.8.92 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/img12.png Requested by Host: samufoodproducts.com URL: http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/css/style.css Protocol HTTP/1.1 Server 65.108.8.92 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.92.8.108.65.clients.your-server.de Software Apache / Resource Hash `437f9ffe9cb8b3419192a8a1b278cf4ecf0c46d40f0a12b40ae025115611999c` Request headers accept-language en-US,en;q=0.9 Referer http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Thu, 02 Feb 2023 15:07:47 GMT Last-Modified Fri, 09 Oct 2020 16:52:40 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=98 Content-Length 14789

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: M&T Bank (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

samufoodproducts.com
65.108.8.92
3ff6bad244bd8091d25a729ac161165bee52b46a673380d55681ef9aa5e3dd60
437f9ffe9cb8b3419192a8a1b278cf4ecf0c46d40f0a12b40ae025115611999c
548fa7301a1233dec86d3d51d3769be93dc4026a090290e522fef14aed4b3a54
5d20b26580f3949318b3ae88ea9f8493f176b73d7aadad3cf2769658e5ef93d5
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
83b36251ba5de13f4d9d39097e70249293b82e6cdd4094e73d20a697e70d34fb
872ea5a39d23d5292d95a046f59b44e499da43cdcae856726aa8fbfbe580b89a
a65ff79f06ebb312bf0a22c116b05b2b5fd6a36dc91eac33f01cfe742d7ae985

samufoodproducts.com Open in urlscan Pro 65.108.8.92 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

136 kBTransfer

134 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

Indicators

samufoodproducts.com Open in urlscan Pro
65.108.8.92 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

136 kB
Transfer

134 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!