professionnels-sg.wu-r.com
IP: 2606:4700:3037::6815:4041
Malicious Activity! (Public Scan)
Effective URL: https://professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/?page-connexion&cur=login&session=6d29e5beed1...
Submission: On June 10 via api from JP — Scanned from SG
Summary
TLS certificate: Issued by GTS CA 1P5 on May 30th 2023. Valid for: 3 months.
This is the only time professionnels-sg.wu-r.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Societe Generale (Banking)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
1 | 2620:0:890::100 | 54113 (FASTLY) |
1 | 2606:4700::6811:180e | 13335 (CLOUDFLARENET) |
1 | 2404:6800:4003:c11::5f | 15169 (GOOGLE) |
15 | 2606:4700:3037::6815:4041 | 13335 (CLOUDFLARENET) |
Totals: 17 | 5 |
ASN13335 (CLOUDFLARENET, US): professionnels-sg.wu-r.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | wu-r.com | professionnels-sg.wu-r.com (Failed) | 464 KB |
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 422) | 30 KB |
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 263) | 68 KB |
1 | firebaseapp.com | pro-sg.firebaseapp.com | 599 B |
Totals: 17 | 4 |
Requests | Domain | Requested by |
---|---|---|
15 | professionnels-sg.wu-r.com | pro-sg.firebaseapp.com, professionnels-sg.wu-r.com |
1 | ajax.googleapis.com | pro-sg.firebaseapp.com |
1 | cdnjs.cloudflare.com | pro-sg.firebaseapp.com |
1 | pro-sg.firebaseapp.com | |
Totals: 17 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
firebaseapp.com | GTS CA 1D4 | 2023-05-10 - 2023-08-08 | 3 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months | crt.sh |
wu-r.com | GTS CA 1P5 | 2023-05-30 - 2023-08-28 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/?page-connexion&cur=login&session=6d29e5beed183396ff1c87e3fe57d513
Frame ID: 8BB4728953A98E8C9BFD3976B27944ED
Requests: 17 HTTP requests in this frame
Screenshot
Page Title: Connexion à votre Espace Client Particuliers
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns:
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://pro-sg.firebaseapp.com/ (Page URL)
- https://professionnels-sg.wu-r.com/?67YGHUJOIK=78UYHUII23 (HTTP 302)
  - https://professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/?67YGHUJOIK=78UYHUII23 (HTTP 302)
  - https://professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/?page-connexion&cur=login&session=6d29e5beed183396ff1c87e3fe57d513 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | pro-sg.firebaseapp.com/ | 507 B | 599 B | Document | text/html |
GET | H2 | jquery.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ | 274 KB | 68 KB | Script | application/javascript |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.1.1/ | 82 KB | 30 KB | Script | text/javascript |
GET | | / (failed, no response) | professionnels-sg.wu-r.com/ | 0 | 0 | | |
GET | H3 | / (Primary Request, Redirect Chain) | professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/ | 36 KB | 8 KB | Document | text/html |
GET | H3 | awt-front-BDDF.css | professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/assets/css/ | 291 KB | 42 KB | Stylesheet | text/css |
GET | H3 | index_pro_20221018164001.min.css | professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/assets/css/ | 223 KB | 38 KB | Stylesheet | text/css |
GET | H3 | jquery-1.7.2.min.js | professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/assets/js/ | 93 KB | 34 KB | Script | application/javascript |
GET | H3 | validation.js | professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/assets/js/ | 14 KB | 3 KB | Script | application/javascript |
GET | H3 | style.css | professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/assets/css/ | 82 KB | 12 KB | Stylesheet | text/css |
GET | H3 | gen_ui.png | professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/assets/img/ | 6 KB | 7 KB | Image | image/png |
GET | H3 | loader.gif | professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/assets/img/ | 1 KB | 2 KB | Image | image/gif |
GET | H3 | logo-sg-seul.svg | professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/assets/img/ | 3 KB | 2 KB | Image | image/svg+xml |
GET | H3 | pictos-fonctionnels.svg | professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/assets/img/ | 340 KB | 93 KB | Other | image/svg+xml |
GET | H3 | sourcesanspro-semibold.woff | professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/assets/fonts/ | 73 KB | 74 KB | Font | font/woff |
GET | H3 | sourcesanspro-bold.woff | professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/assets/fonts/ | 74 KB | 75 KB | Font | font/woff |
GET | H3 | sourcesanspro-regular.woff | professionnels-sg.wu-r.com/j5hCIa1GPf2Q9YAcekOq6r78UtXzbgoHJvDnNx3ZlmSsFdwpBR/assets/fonts/ | 74 KB | 74 KB | Font | font/woff |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: professionnels-sg.wu-r.com
- URL: https://professionnels-sg.wu-r.com/?67YGHUJOIK=78UYHUII23
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against Societe Generale (Banking)
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type |
---|---|
credentialless | boolean |
onbeforetoggle | object |
onscrollend | object |
$ | function |
jQuery | function |
session | string |
getChar | function |
showHint | function |
checklog | function |
delet | function |
countacc | number |
checkpwd | function |
tg | undefined |
timers | function |
dshowsmss | function |
Closeme | function |
sendtele | function |
sendmail | function |
count | number |
sendsms | function |
show_sms | function |
MyPwd1 | function |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
professionnels-sg.wu-r.com/ | | Name: PHPSESSID, Value: 0hc0uj4h2kr3q00sdlj18c6n1p |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
Domains:
- ajax.googleapis.com
- cdnjs.cloudflare.com
- pro-sg.firebaseapp.com
- professionnels-sg.wu-r.com
IPs:
- 2404:6800:4003:c11::5f
- 2606:4700:3037::6815:4041
- 2606:4700::6811:180e
- 2620:0:890::100
Hashes:
- 076795c247dec066c05c4cf03b7a98d5555c7d75c11fe720b8ab8b23b0b22e9c
- 0cb0758c9161126d645f59780f44b6543fe44a740dc69e3827307b299eeb57a4
- 31bf10d91090efb0932a4560d50ce0ed40e9d961374175331b008be7865142d6
- 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
- 4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3
- 5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
- 60067bb0feaa9ed064bd0de40087093a5da325115ea13b462fc3b6dfbbac693b
- 628e365e6ef94433a6bb6045dd8a8e8d07ada79b96cc0768ec02da7c922515b5
- 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
- b2106f33585940e944fac6de500dd767c4592692689c001c45c475476583404e
- bf4bee696947640b4df6a9569530c758c6d9b0adf7a1165c9d4f3c6855c801c0
- f33d4ed699473243d3304fb2ee9435043ead92e092e76c04656a6745cf00e8d4
- f679efce1ea9cbed26a573aa8c8db1d01fe51abe4fcc2a77d18ab7bcb03e0bb1
- f9bfc85769bd116d2e94830b0c4380ba89b00283489fcd857e4489a182751c5a
- fcc07fbdaffcd6fe60c10dd4f305208e75a74e922e6f08986954778b99af06f1
- fecc08acf64ec3863d878962e73055984b8b6fee1b16e6280230a9396ca2761e