sinecop.com.br
Open in
urlscan Pro
104.234.235.202
Malicious Activity!
Public Scan
Effective URL: https://sinecop.com.br/f/spanel-19/user/login/spk.php
Submission: On December 07 via api from US — Scanned from CA
Summary
TLS certificate: Issued by R11 on December 2nd 2024. Valid for: 3 months.
This is the only time sinecop.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: S-Pankki (Banking)Live information
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 8 | 104.234.235.202 104.234.235.202 | 263522 (LGNET SER...) (LGNET SERVICOS DE TELECOMUNICACOES LTDA) | |
8 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
sinecop.com.br
1 redirects
sinecop.com.br |
133 KB |
0 |
s-pankki.fi
Failed
www.s-pankki.fi Failed |
|
8 | 2 |
Domain | Requested by | |
---|---|---|
8 | sinecop.com.br |
1 redirects
sinecop.com.br
|
0 | www.s-pankki.fi Failed | |
8 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.sinecop.com.br R11 |
2024-12-02 - 2025-03-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://sinecop.com.br/f/spanel-19/user/login/spk.php
Frame ID: 9CAD6A7FA8C1F442E14B01ED1544ABAC
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
S-PankkiPage URL History Show full URLs
-
https://sinecop.com.br/f/spanel-19/user/loading.php
HTTP 302
https://sinecop.com.br/f/spanel-19/user/login/spk.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://sinecop.com.br/f/spanel-19/user/loading.php
HTTP 302
https://sinecop.com.br/f/spanel-19/user/login/spk.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
spk.php
sinecop.com.br/f/spanel-19/user/login/ Redirect Chain
|
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
auth.05f49022e1cd9c5b1b15.css
sinecop.com.br/f/spanel-19/user/login/Tunnistautuminen_files/ |
302 KB 56 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spankki.png
sinecop.com.br/f/spanel-19/user/login/Tunnistautuminen_files/ |
24 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
codetable%20(2).jpg
sinecop.com.br/f/spanel-19/user/login/Tunnistautuminen_files/ |
53 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e2d3fd034896d1bc0fc5cd6586862202.woff
sinecop.com.br/theme/font/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5e1aec00d3a032511dde0121ec1ecc5d.woff
sinecop.com.br/theme/font/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
mod_pagespeed_beacon
sinecop.com.br/ |
0 28 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
favicon.ico
www.s-pankki.fi/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.s-pankki.fi
- URL
- https://www.s-pankki.fi/favicon.ico
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: S-Pankki (Banking)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| pagespeed1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sinecop.com.br/ | Name: PHPSESSID Value: 9a74d1498104282538f17ea8d4aed450 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
sinecop.com.br
www.s-pankki.fi
www.s-pankki.fi
104.234.235.202
12ff7afb9ce1ba9ea2034c0233f7f1fd52363b663aa0dd2efcde92c6746e501d
21c1ba8aa59654d4f6be2b79ce7aaa0f55ed8a55b399cd2e9283e97f328944f5
6051c5d895951296979b9ba33f9be39154922759cf4df444286eff5d95f2e3ca
bd8c8f98499c6e026c994f4e67d2f20bffa4fce15b5dc173751a8ca9d3b25dda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855