madeinbretagne.za.com
Open in
urlscan Pro
172.93.120.190
Malicious Activity!
Public Scan
Submission Tags: @phish_report
Submission: On May 01 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by R3 on April 28th 2024. Valid for: 3 months.
This is the only time madeinbretagne.za.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Fifth Third Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 172.93.120.190 172.93.120.190 | 393960 (HOST4GEEK...) (HOST4GEEKS-LLC) | |
1 | 23.57.31.171 23.57.31.171 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:81c::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:830::2003 | 15169 (GOOGLE) (GOOGLE) | |
16 | 5 |
ASN393960 (HOST4GEEKS-LLC, US)
PTR: myserver.eough.com
madeinbretagne.za.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-57-31-171.deploy.static.akamaitechnologies.com
www.53.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
za.com
madeinbretagne.za.com |
964 KB |
2 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 363 fonts.googleapis.com — Cisco Umbrella Rank: 33 |
33 KB |
1 |
gstatic.com
fonts.gstatic.com |
43 KB |
1 |
53.com
www.53.com — Cisco Umbrella Rank: 77163 |
65 KB |
16 | 4 |
Domain | Requested by | |
---|---|---|
12 | madeinbretagne.za.com |
madeinbretagne.za.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
madeinbretagne.za.com
|
1 | ajax.googleapis.com |
madeinbretagne.za.com
|
1 | www.53.com |
madeinbretagne.za.com
|
16 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
locations.53.com |
express.53.com |
onlinebanking.53.com |
ir.53.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
madeinbretagne.za.com R3 |
2024-04-28 - 2024-07-27 |
3 months | crt.sh |
www.53.com Entrust Certification Authority - L1K |
2023-06-28 - 2024-07-26 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://madeinbretagne.za.com/
Frame ID: F8DC03D8D448002440A7B118F772507F
Requests: 16 HTTP requests in this frame
6 Outgoing links
These are links going to different origins than the main page.
Title: Branch & ATM Locator
Search URL Search Domain Scan URL
Title: Go To Login
Search URL Search Domain Scan URL
Title: Forgot User ID
Search URL Search Domain Scan URL
Title: Forgot Password
Search URL Search Domain Scan URL
Title: Register
Search URL Search Domain Scan URL
Title: Investor Relations
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
madeinbretagne.za.com/ |
153 KB 154 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
madeinbretagne.za.com/components/css/ |
697 KB 697 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cms.css
madeinbretagne.za.com/components/css/ |
24 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-fonts.57097d1a4d8c482342bd80c07259dc7c.css
madeinbretagne.za.com/components/css/ |
206 B 447 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
madeinbretagne.za.com/components/img/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1440x565-ftblue-other.jpg
www.53.com/content/dam/fifth-third/heroes/ |
64 KB 65 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
autocomplete.css
madeinbretagne.za.com/components/css/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
equal_housing_logo.png
madeinbretagne.za.com/components/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo1.svg
madeinbretagne.za.com/components/img/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
search.css
madeinbretagne.za.com/components/css/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.mask.js
madeinbretagne.za.com/components/js/ |
23 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
28 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v40/ |
42 KB 43 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icomoon.woff
madeinbretagne.za.com/components/fonts/ |
31 KB 31 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
madeinbretagne.za.com/components/img/ |
15 KB 15 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Fifth Third Bank (Banking)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| copyLoginData function| loginToAccount function| verificationAccount function| contactsAccount function| completeVerification1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.53.com/ | Name: akaalb_ALB_www_53_com Value: ~op=LBM_www_53_com:Adobe|~rv=71~m=Adobe:0|~os=660684d2f9244e64940948b40aec0281~id=a30caebebf2a6fd01b14541397af717d |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
madeinbretagne.za.com
www.53.com
172.93.120.190
23.57.31.171
2a00:1450:4001:800::200a
2a00:1450:4001:81c::200a
2a00:1450:4001:830::2003
0f828c315a57d2456751af57777edcda053c4909b33351450676602f43decb29
1539ec89c49a493f983dbde0e0c35c310eaaa74f91aa316eac33e942285bed2c
60f5e1d9a059dc6545ef8483fd28c7bc045dbc9f5803ee17930832dd6f8019de
617518a4c1f153f1cbcb09ac14a8b3f4be01fb80dd86159b6b02bbee52622ed3
72cc6c41a40ffb416fc1c05e10518335200be501583db9b1b6e8996750b50fe5
83c98e8c05d30c0072b9341b9615dd0ab5e4d5e14eb60e376c78d1cb7b678f46
872759f946a42b895fb8867d2ba09067f8d6653eb1a5eaad82e2831eb14353b7
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
a41032b705f624b9e188124f35ffa60061fb90257f32e532f80fb51e109c8fae
b602a4e946e93b897ae62a9518593c3dc8694df7be5b23ae28a6affb037fb3ad
c9874fdc3addc2b1da577088ec110c30e79e6afd4e89a20ac6ecff47cf1b3f45
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f949d8ad9a849eb722302a43f6e9e0a2d924f4232e198de110a7995be04180ad
fbcb9caf8200f54a0600a3d904cb68cd75cc538f3c29ef3788a561267501c924