www.b2b-location-brais.fr
31.222.195.29
Malicious Activity!
Public Scan
Submission: On December 19 via automatic, source openphish
Summary
TLS certificate: Issued by Gandi Standard SSL CA 2 on October 22nd 2018. Valid for: a year.
This is the only time www.b2b-location-brais.fr was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Électricité de France (Utility)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
2 | 31.222.195.29 | 8218 (NEO-ASN legacy Neotelecoms)
5 | 160.92.186.71 | 8677 (WORLDLINE)
1 | 103.254.137.2 | 38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited)
8 | 3 |

ASN8218 (NEO-ASN legacy Neotelecoms, FR)
PTR: bv-lamp-01-prod.bellvision.fr
www.b2b-location-brais.fr

ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: sknet.ht.dstier2.com
www.townsvilleelectrical.com.au
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
5 | wlp-acs.com | lbp.wlp-acs.com | 8 KB
2 | b2b-location-brais.fr | www.b2b-location-brais.fr | 5 KB
1 | townsvilleelectrical.com.au | www.townsvilleelectrical.com.au | 14 KB
8 | 3 | |
Requests | Domain | Requested by
---|---|---
5 | lbp.wlp-acs.com | www.b2b-location-brais.fr
2 | www.b2b-location-brais.fr | www.b2b-location-brais.fr
1 | www.townsvilleelectrical.com.au | www.b2b-location-brais.fr
8 | 3 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|---
www.b2b-location-brais.fr | Gandi Standard SSL CA 2 | 2018-10-22 - 2019-10-22 | a year | crt.sh
lbp.wlp-acs.com | Entrust Certification Authority - L1K | 2017-05-26 - 2019-06-22 | 2 years | crt.sh
This page contains 1 frames:
Primary Page:
https://www.b2b-location-brais.fr/wp-content/plugins/elementor/EDF/vbv/index2.php
Frame ID: 6E5AE4A72D4B1ED0C65F3FE3552FD068
Requests: 8 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET H/1.1 | Primary Request | www.b2b-location-brais.fr/wp-content/plugins/elementor/EDF/vbv/ | 4 KB | 2 KB | Document | text/html
GET H/1.1 | styles-banque.css | lbp.wlp-acs.com/css/ | 5 KB | 3 KB | Stylesheet | text/css
GET H/1.1 | logo.png | www.b2b-location-brais.fr/wp-content/plugins/elementor/EDF/vbv/ | 3 KB | 3 KB | Image | image/png
GET H/1.1 | haki.jpg | www.townsvilleelectrical.com.au/wp-content/plugins/ | 13 KB | 14 KB | Image | image/jpeg
GET H/1.1 | btn_ok_onn.png | lbp.wlp-acs.com/imgs/imagesTemplates/ | 997 B | 2 KB | Image | image/png
GET H/1.1 | ar_h.gif | lbp.wlp-acs.com/imgs/imagesTemplates/ | 180 B | 1 KB | Image | image/gif
GET H/1.1 | ar_b.gif | lbp.wlp-acs.com/imgs/imagesTemplates/ | 180 B | 1 KB | Image | image/gif
GET H/1.1 | fl_b.png | lbp.wlp-acs.com/imgs/imagesTemplates/ | 135 B | 1 KB | Image | image/png
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Électricité de France (Utility)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart
object| onselectionchange
function| queueMicrotask
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
www.b2b-location-brais.fr/ | | Name: PHPSESSID Value: fagidcucuk9tss821s8brmap6t
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.