brprodutora.com
191.252.143.158  Malicious Activity! Public Scan

Submitted URL: http://brprodutora.com/SgP/home
Effective URL: http://brprodutora.com/SgP/home/SgP-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLa...
Submission: On December 07 via manual from IN — Scanned from DE

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 191.252.143.158, located in Brazil and belongs to Locaweb Servicos de Internet SA, BR. The main domain is brprodutora.com.
This is the only time brprodutora.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Societe Generale (Banking)

Domain & IP information

IP Address AS Autonomous System
2 4 191.252.143.158 27715 (Locaweb S...)
2 2
Apex Domain
Subdomains
Transfer
4 brprodutora.com
brprodutora.com
612 KB
2 1
Domain Requested by
4 brprodutora.com 2 redirects brprodutora.com
2 1

This site contains no links.

Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://brprodutora.com/SgP/home/SgP-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuOTQgU2FmYXJpLzUzNy4zNjE4NS4yMTMuMTU1LjE3NjIwMjI6RGVjOldlZA==
Frame ID: 6A0A55CE308B68CC22693503D368DC43
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Société Générale | ConnexionConnexion - Espace client

Page URL History

  1. http://brprodutora.com/SgP/home HTTP 301
    http://brprodutora.com/SgP/home/ HTTP 302
    http://brprodutora.com/SgP/home/SgP-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7I... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 2
HTTPS: 0 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 737 kB
Size: 750 kB
Cookies: 0


Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request SgP-log.php
brprodutora.com/SgP/home/
Redirect Chain
  • http://brprodutora.com/SgP/home
  • http://brprodutora.com/SgP/home/
  • http://brprodutora.com/SgP/home/SgP-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuOTQgU2FmYXJpLzU...
524 KB
525 KB
Document
General
Full URL
http://brprodutora.com/SgP/home/SgP-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuOTQgU2FmYXJpLzUzNy4zNjE4NS4yMTMuMTU1LjE3NjIwMjI6RGVjOldlZA==
Protocol
HTTP/1.1
Server
191.252.143.158 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
8fb6ec77b089ecab7b66425bccd304e5388d81ce59209329c823ec8bbd3873c0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 07 Dec 2022 06:52:41 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 07 Dec 2022 06:52:40 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Transfer-Encoding
chunked
location
SgP-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuOTQgU2FmYXJpLzUzNy4zNjE4NS4yMTMuMTU1LjE3NjIwMjI6RGVjOldlZA==
truncated
/
42 KB
42 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e65a132b72d06f5bab4c247a57d242668907d0b2223df9d0a79cadf2293258e2

Request headers

Referer
http://brprodutora.com/
Origin
http://brprodutora.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
42 KB
42 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9002f15509561eac474a4efd995402e0155b58c303f007928fff96d462be6f6c

Request headers

Referer
http://brprodutora.com/
Origin
http://brprodutora.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
42 KB
42 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a4da7c9460101b9f5a9118c8e31c310cb7851728f79771db5c925dde35b6351

Request headers

Referer
http://brprodutora.com/
Origin
http://brprodutora.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff61389a6668588e4941159c1848f0b4452d2f2f10dc42d2b4ab36222711349d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brprodutora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
298 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f081292b4fc731b0d8a40e09ea2719bea15325fd809f61a78a02b1e77e0ea2ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brprodutora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
318 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd036fb1670903c1e0605fda04bf3dba0e9ded73afb4aa08564a7253913b57c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brprodutora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12ad8a6fe4c03864191066da21747429eb42250696a30943f165b6bbc19ae162

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brprodutora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brprodutora.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
jquery.min.js
brprodutora.com/SgP/home/SgP_files/
86 KB
86 KB
Script
General
Full URL
http://brprodutora.com/SgP/home/SgP_files/jquery.min.js
Requested by
Host: brprodutora.com
URL: http://brprodutora.com/SgP/home/SgP-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuOTQgU2FmYXJpLzUzNy4zNjE4NS4yMTMuMTU1LjE3NjIwMjI6RGVjOldlZA==
Protocol
HTTP/1.1
Server
191.252.143.158 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://brprodutora.com/SgP/home/SgP-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOC4wLjUzNTkuOTQgU2FmYXJpLzUzNy4zNjE4NS4yMTMuMTU1LjE3NjIwMjI6RGVjOldlZA==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 06:52:44 GMT
Last-Modified
Mon, 18 Apr 2022 19:38:02 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
88145

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Societe Generale (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: oncontentvisibilityautostatechange
  • function: $
  • function: jQuery
  • number: count
  • function: inputset

0 Cookies