www.brasilit.com.br
187.18.54.17
Malicious Activity!
Public Scan
Effective URL: http://www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/
Submission: On June 07 via automatic, source openphish
Summary
This is the only time www.brasilit.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banque Populaire (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
3 22 | 187.18.54.17 | 21911 (UOL DIVEO S.A.) |
2 | 91.134.157.162 | 16276 (OVH) |
22 | 3 |
ASN21911 (UOL DIVEO S.A., BR)
PTR: sgobain-app-01.dualtec.com.br
www.brasilit.com.br
 | Apex Domain Subdomains | Transfer |
---|---|---|
22 | brasilit.com.br (3 redirects): www.brasilit.com.br | 131 KB |
2 | facil-iti.com: ws.facil-iti.com | 3 KB |
0 | Failed | |
22 | 3 |
 | Domain | Requested by |
---|---|---|
22 | www.brasilit.com.br (3 redirects) | www.brasilit.com.br |
2 | ws.facil-iti.com | www.brasilit.com.br, ws.facil-iti.com |
0 | faieahckjkcpljkaedbjidlhhcigddal (Failed) | www.brasilit.com.br |
22 | 3 |
This site contains links to these domains.
Domain |
---|
www.icgauth.banquepopulaire.fr |
www.ouest.banquepopulaire.fr |
www.ibps.ouest.banquepopulaire.fr |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ws.facil-iti.com Gandi Standard SSL CA 2 | 2018-03-05 - 2020-04-08 | 2 years | crt.sh |
This page contains 5 frames:
Primary Page:
http://www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/
Frame ID: B8813FF5FFCD71811D5413C41A1B70B3
Requests: 13 HTTP requests in this frame
Frame:
http://www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/Bienvenue%20sur%20Cyberplus_files/getResource.html
Frame ID: DD2AD0FF4F22F8CB7D92D9B84AFDA4A6
Requests: 6 HTTP requests in this frame
Frame:
http://www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/Bienvenue%20sur%20Cyberplus_files/saved_resource.html
Frame ID: B8E9BB44B5F1836A2DF974B661CFEBC8
Requests: 1 HTTP requests in this frame
Frame:
http://www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/Bienvenue%20sur%20Cyberplus_files/saved_resource(1).html
Frame ID: 66190F07B987C3ED7D3D83CCB87EA45C
Requests: 1 HTTP requests in this frame
Frame:
https://ws.facil-iti.com/tag/proxy/?id=71de70fb-178a-11e6-abd6-000c298ed446&d=d3d3LmJyYXNpbGl0LmNvbS5icg==
Frame ID: 22E59F0BE6F48C8E6EEAD599923B1CD0
Requests: 1 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
- Title: Voir la démo Cyberplus
- Title: Aide à la connexion
- Title: Sécurité
- Title: Infos navigateurs
- Title: Plan du site
- Title: Mentions légales
- Title: Présentation Cyberplus
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr HTTP 301
- http://www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/ HTTP 302
- http://www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22 HTTP 301
- http://www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol | Resource | Path | Size x-fer | Type MIME-Type |
---|---|---|---|---|
GET H/1.1 | / (Primary Request) | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/ (Redirect Chain) | 16 KB 4 KB | Document text/html |
GET H/1.1 | app.min.css | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/Bienvenue%20sur%20Cyberplus_files/ | 13 KB 4 KB | Stylesheet text/css |
GET H/1.1 | custom.css | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/Bienvenue%20sur%20Cyberplus_files/ | 258 B 500 B | Stylesheet text/css |
GET H/1.1 | 21.PNG | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/ | 77 KB 77 KB | Image image/png |
GET H/1.1 | play_cyberplus.svg | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/Bienvenue%20sur%20Cyberplus_files/ | 2 KB 3 KB | Image image/svg+xml |
GET H/1.1 | perfmon.js.t%C3%A9l%C3%A9chargement | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/Bienvenue%20sur%20Cyberplus_files/ | 0 0 | Script text/html |
GET | ma_api.js | faieahckjkcpljkaedbjidlhhcigddal/assets/js/scripts/ | 0 0 | |
GET H/1.1 | eyeOn.svg | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/img/ | 30 KB 30 KB | Image text/html |
GET H/1.1 | logo_BPO_desktop.png | www.brasilit.com.br/WebSSO_BP/img/ | 317 B 317 B | Image text/html |
GET H/1.1 | Ubuntu-L.ttf | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/font/ubuntu/ | 0 0 | Font text/html |
GET H/1.1 | Ubuntu-R.ttf | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/font/ubuntu/ | 0 0 | Font text/html |
GET H/1.1 | symbols_89C3.ttf | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/font/ | 0 0 | Font text/html |
GET H/1.1 | Ubuntu-M.ttf | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/font/ubuntu/ | 0 0 | Font text/html |
GET H/1.1 | getResource.html | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/Bienvenue%20sur%20Cyberplus_files/ (Frame DD2A) | 5 KB 3 KB | Document text/html |
GET H/1.1 | saved_resource.html | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/Bienvenue%20sur%20Cyberplus_files/ (Frame B8E9) | 4 KB 2 KB | Document text/html |
GET H/1.1 | charte_iv0.css | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/Bienvenue%20sur%20Cyberplus_files/ (Frame DD2A) | 12 KB 3 KB | Stylesheet text/css |
GET H/1.1 | styles_bp.css | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/Bienvenue%20sur%20Cyberplus_files/ (Frame DD2A) | 384 B 497 B | Stylesheet text/css |
GET H/1.1 | faciliti-tag.min.js.t%C3%A9l%C3%A9chargement | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/Bienvenue%20sur%20Cyberplus_files/ (Frame DD2A) | 0 0 | Script text/html |
GET H/1.1 | BP_Picto_service-securise.png | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/Bienvenue%20sur%20Cyberplus_files/ (Frame DD2A) | 992 B 1 KB | Image image/png |
GET H/1.1 | faciliti-tag.min.js | ws.facil-iti.com/tag/ (Frame DD2A) | 7 KB 3 KB | Script application/javascript |
GET H/1.1 | saved_resource(1).html | www.brasilit.com.br/sites/default/files/core/www.banque-populaire.fr/2c7e89d3b07346d8e96846ef6214ac22/Bienvenue%20sur%20Cyberplus_files/ (Frame 6619) | 4 KB 2 KB | Document text/html |
GET H/1.1 | / | ws.facil-iti.com/tag/proxy/ (Frame 22E5) | 0 0 | Document text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- faieahckjkcpljkaedbjidlhhcigddal
- URL
- chrome-extension://faieahckjkcpljkaedbjidlhhcigddal/assets/js/scripts/ma_api.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banque Populaire (Banking)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| oScript
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ws.facil-iti.com/ | | Name: srvnode Value: srv02 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.