financiacin-agricultores.com Open in urlscan Pro
62.171.177.175 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://financiacin-agricultores.com/home.php
Submission: On October 08 via automatic, source phishtank (October 8th 2023, 12:23:29 am UTC) — Scanned from DE

Summary HTTP 55 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 55 HTTP transactions. The main IP is 62.171.177.175, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is financiacin-agricultores.com.
TLS certificate: Issued by R3 on October 5th 2023. Valid for: 3 months.

This is the only time financiacin-agricultores.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Credit Agricole (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2	62.171.177.175 62.171.177.175	51167 (CONTABO) (CONTABO)
44	51.104.144.10 51.104.144.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.74.41.233 13.74.41.233	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
7	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
55	5

2 62.171.177.175 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: cnt24.cowabi.com

financiacin-agricultores.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 51.104.144.10 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.creditoagricola.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.74.41.233 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pr-cb-bot.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	creditoagricola.pt www.creditoagricola.pt — Cisco Umbrella Rank: 545407	2 MB
7	gstatic.com fonts.gstatic.com	131 KB
2	financiacin-agricultores.com financiacin-agricultores.com	161 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
1	azurewebsites.net pr-cb-bot.azurewebsites.net	7 KB
55	5

	Domain	Requested by
44	www.creditoagricola.pt	financiacin-agricultores.com www.creditoagricola.pt
7	fonts.gstatic.com	fonts.googleapis.com
2	financiacin-agricultores.com	financiacin-agricultores.com
1	fonts.googleapis.com	www.creditoagricola.pt
1	pr-cb-bot.azurewebsites.net	financiacin-agricultores.com
55	5

This site contains links to these domains. Also see Links.

Domain
play.google.com
itunes.apple.com
appgallery.huawei.com
onlineparticulares.creditoagricola.pt
apps.apple.com
www.creditoagricola.pt
www.caimoveis.pt
casonline.ca-seguros.pt
www.autenticacao.gov.pt
www.livroreclamacoes.pt
www.instagram.com
pt-pt.facebook.com
www.youtube.com
www.linkedin.com
www.tiktok.com

Subject Issuer	Validity	Valid
financiacin-agricultores.com R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
www.creditoagricola.pt Sectigo RSA Organization Validation Secure Server CA	`2023-05-18` - `2024-06-16`	a year	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01	`2023-08-01` - `2024-06-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://financiacin-agricultores.com/home.php
Frame ID: B329DD6C59AE6EC20DD3CB63E42C919C
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Crédito Agrícola

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

55
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

2261 kB
Transfer

3635 kB
Size

2
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=ca.mobile.explorer&feature=search_result#?t=W251bGwsMSwyLDEsImNhLm1vYmlsZS5leHBsb3JlciJd&utm_medium=popup&utm_source=site%20institucional%20&utm_campaign=0120-appcamobile&utm_content=android%20
Title: Ver

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/pt/app/ca-mobile/id516082610?mt=8&utm_medium=popup&utm_source=site%20institucional%20&utm_campaign=0120-appcamobile&utm_content=iOS
Title: Ver

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/#/app/C103173763?locale=pt_PT&source=appshare&subsource=C103173763
Title: Ver

Search URL Search Domain Scan URL

URL: https://onlineparticulares.creditoagricola.pt/pt/adesao
Title: ADERIR

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ca.mobile.explorer

Search URL Search Domain Scan URL

URL: https://apps.apple.com/pt/app/ca-mobile/id516082610

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/app/C103173763?sharePrepath=ag&locale=pt_PT&source=appshare&subsource=C103173763

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt/para-mim/ca-seguranca-online
Title: Recomendações de Segurança

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.creditoagricola.camobileempresas

Search URL Search Domain Scan URL

URL: https://apps.apple.com/pt/app/ca-mobile-empresas/id956842500

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/app/C104078911?sharePrepath=ag&locale=pt_PT&source=appshare&subsource=C104078911

Search URL Search Domain Scan URL

URL: https://www.caimoveis.pt/
Title: Os nossos imóveis Ver mais

Search URL Search Domain Scan URL

URL: https://casonline.ca-seguros.pt/
Title: CA Seguros Online Aceder

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt/institucional/o-grupo-ca/empresas-participadas/ca-seguros#condicoes-gerais-e-especiais-section
Title: Condições Gerais e Especiais

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt/GetApp
Title: Instalar App

Search URL Search Domain Scan URL

URL: https://www.autenticacao.gov.pt/cmd-pedido-chave
Title: Chave Móvel Digital Já tem a sua? A Chave Móvel Digital é um meio de autenticação e assinatura digital certificado pelo Estado português.

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt/para-mim/dia-a-dia/abertura-de-conta
Title: Envie um Pedido de Contacto

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt//-/media/5fa3f3c908a54603b8822722fd574fa1.pdf
Title: Condições Gerais do Contrato de Depósito - CCAM

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt//-/media/1b3335a45dd74984ae53abf79d0c755c.pdf
Title: Condições Gerais do Contrato de depósito - Caixa Central

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt//-/media/3c213b7770be4bc0b1bdcce462e60c1c.pdf
Title: Informação Prévia - Conta SMB

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt//-/media/8410ff929def4d6aa2807c22c9dec63f.pdf
Title: Condições Gerais da Conta SMB - Caixa Central

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt//-/media/eca45879fb764fc18bbfe7145807e0e8.pdf
Title: Condições Gerais da Conta SMB CCAM

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt//-/media/0f1e876ee125406e8c0fd650bc982175.pdf
Title: Formulário de Informação do Depositante

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt/para-mim/dia-a-dia/conta-do-particulares
Title: Conta Depósitos à Ordem Particulares

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt/para-mim/dia-a-dia/conta-superjovem
Title: Conta SuperJovem

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt/institucional/o-grupo-ca/pesquisa-agencias
Title: Agência CA

Search URL Search Domain Scan URL

URL: https://www.livroreclamacoes.pt/Inicio/
Title: Livro de Reclamações

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt/-/media/c4a0fd547593416697e4b6660ccb4108.pdf
Title: Política Selecção e Designação (ROC/SROC)

Search URL Search Domain Scan URL

URL: https://www.instagram.com/creditoagricola/

Search URL Search Domain Scan URL

URL: https://pt-pt.facebook.com/grupocreditoagricola/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVR-Wq2W9bccwEfSioC5o6A

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/credito-agricola/mycompany/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@creditoagricola

Search URL Search Domain Scan URL

URL: https://www.creditoagricola.pt/institucional/o-grupo-ca/contactos
Title: Contactos

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request home.php Show response
financiacin-agricultores.com/ 160 KB
161 KB 482ms
183ms Document
text/html 62.171.177.175
CONTABO

General

			Domain/Path	Expires	Name / Value
			financiacin-agricultores.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: t2crull913lc01bp3vlv3t819s
			.pr-cb-bot.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: d7d780c84f9ed5ad431d3e30d3a55ef016ed957e833be43f37c3a10ab5d87674

financiacin-agricultores.com Open in urlscan Pro 62.171.177.175 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

2261 kBTransfer

3635 kBSize

2 Cookies

34 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

financiacin-agricultores.com Open in urlscan Pro
62.171.177.175 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

2261 kB
Transfer

3635 kB
Size

2
Cookies

55 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!