sinecop.com.br
104.234.235.202  Malicious Activity! Public Scan

Submitted URL: https://sinecop.com.br/f/spanel-19/user/loading.php
Effective URL: https://sinecop.com.br/f/spanel-19/user/login/spk.php
Submission: On December 07 via api from US — Scanned from CA

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 8 HTTP transactions. The main IP is 104.234.235.202, located in Canada, and belongs to LGNET SERVICOS DE TELECOMUNICACOES LTDA, BR. The main domain is sinecop.com.br.
TLS certificate: Issued by R11 on December 2nd 2024. Valid for: 3 months.
This is the only time sinecop.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: S-Pankki (Banking)

Domain & IP information

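IP Address: 104.234.235.202
AS: 263522
Autonomous System: (LGNET SER...)
Requests: 8 (1 redirect)
Total: 8 requests, 2 IPs

Apex Domain: sinecop.com.br
Subdomain: sinecop.com.br
Requests: 8
Transfer: 133 KB

Apex Domain: s-pankki.fi (Failed)
Subdomain: www.s-pankki.fi (Failed)
Requests: 0

Total: 8 requests, 2 apex domains

Domain: sinecop.com.br
Requests: 8 (1 redirects)
Requested by: sinecop.com.br

Domain: www.s-pankki.fi (Failed)
Requests: 0

Total: 8 requests, 2 domains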

This site contains no links.

Subject: *.sinecop.com.br
Issuer: R11
Validity: 2024-12-02 - 2025-03-02
Valid: 3 months

This page contains 1 frames:

Primary Page: https://sinecop.com.br/f/spanel-19/user/login/spk.php
Frame ID: 9CAD6A7FA8C1F442E14B01ED1544ABAC
Requests: 8 HTTP requests in this frame

Page Title

S-Pankki

Page URL History

  1. https://sinecop.com.br/f/spanel-19/user/loading.php HTTP 302
    https://sinecop.com.br/f/spanel-19/user/login/spk.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 8
HTTPS: 88 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 133 kB
Size: 387 kB
Cookies: 1

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request spk.php
sinecop.com.br/f/spanel-19/user/login/
Redirect Chain
  • https://sinecop.com.br/f/spanel-19/user/loading.php
  • https://sinecop.com.br/f/spanel-19/user/login/spk.php
8 KB
3 KB
Document
General
Full URL
https://sinecop.com.br/f/spanel-19/user/login/spk.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.234.235.202 , Canada, ASN263522 (LGNET SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS
Software
Apache /
Resource Hash
12ff7afb9ce1ba9ea2034c0233f7f1fd52363b663aa0dd2efcde92c6746e501d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, s-maxage=10
content-encoding
gzip
content-length
3200
content-type
text/html; charset=UTF-8
date
Sat, 07 Dec 2024 15:15:24 GMT
server
Apache
vary
Accept-Encoding
x-mod-pagespeed
1.13.35.2-0

Redirect headers

cache-control
no-store, no-cache, must-revalidate s-maxage=10
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 07 Dec 2024 15:15:24 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
login/spk.php
pragma
no-cache
server
Apache
auth.05f49022e1cd9c5b1b15.css
sinecop.com.br/f/spanel-19/user/login/Tunnistautuminen_files/
302 KB
56 KB
Stylesheet
General
Full URL
https://sinecop.com.br/f/spanel-19/user/login/Tunnistautuminen_files/auth.05f49022e1cd9c5b1b15.css
Requested by
Host: sinecop.com.br
URL: https://sinecop.com.br/f/spanel-19/user/login/spk.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.234.235.202 , Canada, ASN263522 (LGNET SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS
Software
Apache /
Resource Hash
bd8c8f98499c6e026c994f4e67d2f20bffa4fce15b5dc173751a8ca9d3b25dda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sinecop.com.br/f/spanel-19/user/login/spk.php

Response headers

cache-control
max-age=3600, public
content-encoding
gzip
accept-ranges
bytes
content-length
57288
date
Sat, 07 Dec 2024 15:15:24 GMT
last-modified
Tue, 07 May 2024 10:37:56 GMT
vary
Accept-Encoding
server
Apache
content-type
text/css
spankki.png
sinecop.com.br/f/spanel-19/user/login/Tunnistautuminen_files/
24 KB
20 KB
Image
General
Full URL
https://sinecop.com.br/f/spanel-19/user/login/Tunnistautuminen_files/spankki.png
Requested by
Host: sinecop.com.br
URL: https://sinecop.com.br/f/spanel-19/user/login/spk.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.234.235.202 , Canada, ASN263522 (LGNET SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS
Software
Apache /
Resource Hash
6051c5d895951296979b9ba33f9be39154922759cf4df444286eff5d95f2e3ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sinecop.com.br/f/spanel-19/user/login/spk.php

Response headers

cache-control
max-age=3600, public
content-encoding
gzip
accept-ranges
bytes
content-length
20876
date
Sat, 07 Dec 2024 15:15:24 GMT
last-modified
Tue, 07 May 2024 10:37:56 GMT
vary
Accept-Encoding
server
Apache
content-type
image/png
codetable%20(2).jpg
sinecop.com.br/f/spanel-19/user/login/Tunnistautuminen_files/
53 KB
53 KB
Image
General
Full URL
https://sinecop.com.br/f/spanel-19/user/login/Tunnistautuminen_files/codetable%20(2).jpg
Requested by
Host: sinecop.com.br
URL: https://sinecop.com.br/f/spanel-19/user/login/spk.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.234.235.202 , Canada, ASN263522 (LGNET SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS
Software
Apache /
Resource Hash
21c1ba8aa59654d4f6be2b79ce7aaa0f55ed8a55b399cd2e9283e97f328944f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sinecop.com.br/f/spanel-19/user/login/spk.php

Response headers

cache-control
max-age=3600, public
content-encoding
gzip
accept-ranges
bytes
content-length
54195
date
Sat, 07 Dec 2024 15:15:24 GMT
last-modified
Tue, 07 May 2024 10:37:56 GMT
vary
Accept-Encoding
server
Apache
content-type
image/jpeg
e2d3fd034896d1bc0fc5cd6586862202.woff
sinecop.com.br/theme/font/
0
0
Font
General
Full URL
https://sinecop.com.br/theme/font/e2d3fd034896d1bc0fc5cd6586862202.woff
Requested by
Host: sinecop.com.br
URL: https://sinecop.com.br/f/spanel-19/user/login/Tunnistautuminen_files/auth.05f49022e1cd9c5b1b15.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.234.235.202 , Canada, ASN263522 (LGNET SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sinecop.com.br
Referer
https://sinecop.com.br/f/spanel-19/user/login/Tunnistautuminen_files/auth.05f49022e1cd9c5b1b15.css

Response headers

link
<https://sinecop.com.br/wp-json/>; rel="https://api.w.org/"
cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
expires
Wed, 11 Jan 1984 05:00:00 GMT
content-length
6735
date
Sat, 07 Dec 2024 15:15:25 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,Cookie
server
Apache
5e1aec00d3a032511dde0121ec1ecc5d.woff
sinecop.com.br/theme/font/
0
0
Font
General
Full URL
https://sinecop.com.br/theme/font/5e1aec00d3a032511dde0121ec1ecc5d.woff
Requested by
Host: sinecop.com.br
URL: https://sinecop.com.br/f/spanel-19/user/login/Tunnistautuminen_files/auth.05f49022e1cd9c5b1b15.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.234.235.202 , Canada, ASN263522 (LGNET SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sinecop.com.br
Referer
https://sinecop.com.br/f/spanel-19/user/login/Tunnistautuminen_files/auth.05f49022e1cd9c5b1b15.css

Response headers

link
<https://sinecop.com.br/wp-json/>; rel="https://api.w.org/"
cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
expires
Wed, 11 Jan 1984 05:00:00 GMT
content-length
6735
date
Sat, 07 Dec 2024 15:15:25 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,Cookie
server
Apache
mod_pagespeed_beacon
sinecop.com.br/
0
28 B
XHR
General
Full URL
https://sinecop.com.br/mod_pagespeed_beacon?url=https%3A%2F%2Fsinecop.com.br%2Ff%2Fspanel-19%2Fuser%2Flogin%2Fspk.php
Requested by
Host: sinecop.com.br
URL: https://sinecop.com.br/f/spanel-19/user/login/spk.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.234.235.202 , Canada, ASN263522 (LGNET SERVICOS DE TELECOMUNICACOES LTDA, BR),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://sinecop.com.br/f/spanel-19/user/login/spk.php

Response headers

date
Sat, 07 Dec 2024 15:15:25 GMT
cache-control
max-age=0, no-cache
server
Apache
favicon.ico
www.s-pankki.fi/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.s-pankki.fi
URL
https://www.s-pankki.fi/favicon.ico

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: S-Pankki (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| pagespeed

1 Cookies

Domain/Path: sinecop.com.br/
Name: PHPSESSID
Value: 9a74d1498104282538f17ea8d4aed450

2 Console Messages

Source: network
Level: error
URL: https://sinecop.com.br/theme/font/5e1aec00d3a032511dde0121ec1ecc5d.woff
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network
Level: error
URL: https://sinecop.com.br/theme/font/e2d3fd034896d1bc0fc5cd6586862202.woff
Message: Failed to load resource: the server responded with a status of 404 ()