samufoodproducts.com
Open in
urlscan Pro
65.108.8.92
Malicious Activity!
Public Scan
Submission: On February 02 via api from US — Scanned from US
Summary
This is the only time samufoodproducts.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: M&T Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 65.108.8.92 65.108.8.92 | 24940 (HETZNER-AS) (HETZNER-AS) | |
13 | 1 |
ASN24940 (HETZNER-AS, DE)
PTR: static.92.8.108.65.clients.your-server.de
samufoodproducts.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
samufoodproducts.com
samufoodproducts.com |
286 KB |
13 | 1 |
Domain | Requested by | |
---|---|---|
13 | samufoodproducts.com |
samufoodproducts.com
|
13 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/index.php
Frame ID: 5E5426CF43C7F381725B79769A2CB466
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
M&T Bank - Personal & Business Banking, Mortgages, & More | M&T BankDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.php
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/ |
7 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/css/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jqueryLib.js
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/js/ |
85 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
actions.js
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/js/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg.jpg
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/ |
63 KB 64 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img1.png
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/ |
87 KB 87 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img2.png
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img7.png
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img3.png
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img4.png
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img5.png
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img6.png
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img8.png
samufoodproducts.com/catalog/view/feed/3.mtb.com/www3.mtb.com/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: M&T Bank (Banking)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| $ function| jQuery function| numbersOnly function| digitsOnly function| allowedChars function| isOneOf object| input0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
samufoodproducts.com
65.108.8.92
1963d31b3357ace8f6803cba37251f35d5ba3089e737715d21f11f4629118b1e
2e13ffdcf66d7b41a3e01fd305d4f472d58d62945d3fb7f26c5f5c515cf7733b
3e17fd7faa310504d6a589771154370745643ef1cb4ba0900d92fe88aea52619
5d20b26580f3949318b3ae88ea9f8493f176b73d7aadad3cf2769658e5ef93d5
607409a891eb7934e9f4e190d6e28cb8d7bc356bde7341192ff94de2ade47f2f
6367477cfd5f1188d09d073ed7110d798b2b898c37b9c5319edf6e408f2338ad
6d4f5cfa6062ef9b6134d17eae161e12abb135367cc71665a45ca0e980b65cf9
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
7669788aaf850c14ad42eb843c95c983480c3e74f898b9290f98e9fa503d950f
a65ff79f06ebb312bf0a22c116b05b2b5fd6a36dc91eac33f01cfe742d7ae985
b6f549b230551098c3b174f212b20708cfc6751c90727dca1a9cc67e5dd74b2d
bbf0f003abd044530368e0c31af1535ed447be0a6286b132f0575ddd651c08e1
c855c3d83c53abee49d33f74321afcc166cd2dd5296b9011a8c113ff3a3318b9