synsurecropsciences.com
216.10.242.95
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On February 07 via api from GB
Summary
This is the only time synsurecropsciences.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Raiffeisen Bank (Banking)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
8 | 216.10.242.95 | 394695 (PUBLIC-DOMAIN-REGISTRY)
12 | 89.233.149.46 | 12767 (PRAGONET-AS)
1 | 2a00:1450:4001:81d::200a | 15169 (GOOGLE)
2 | 2a00:1450:4001:808::2003 | 15169 (GOOGLE)
Total: 23 | 4 IP addresses |

ASN15169 (GOOGLE, US): translate.googleapis.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
12 | rb.cz | online.rb.cz | 384 KB
8 | synsurecropsciences.com | synsurecropsciences.com | 21 KB
2 | gstatic.com | www.gstatic.com | 3 KB
1 | googleapis.com | translate.googleapis.com | 4 KB
Total: 23 | 4 apex domains | |
Requests | Domain | Requested by
---|---|---
12 | online.rb.cz | synsurecropsciences.com
8 | synsurecropsciences.com | synsurecropsciences.com
2 | www.gstatic.com | synsurecropsciences.com
1 | translate.googleapis.com | synsurecropsciences.com
Total: 23 | 4 domains |
Subject | Issuer | Validity | Valid | Transparency log
---|---|---|---|---
online.rb.cz | DigiCert SHA2 Extended Validation Server CA | 2018-08-31 - 2020-10-19 | 2 years | crt.sh
*.storage.googleapis.com | GTS CA 1O1 | 2020-01-21 - 2020-04-14 | 3 months | crt.sh
*.google.com | GTS CA 1O1 | 2020-01-21 - 2020-04-14 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
http://synsurecropsciences.com/raiffeisen/error.htm
Frame ID: BFBBD05406301B29BB893A9E2E973064
Requests: 23 HTTP requests in this frame
Screenshot
Detected technologies
- Angular (JavaScript Frameworks). Detected pattern: html /<[^>]+ ng-version="([\d.]+)"/i
- Apache (Web Servers). Detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
- Dynatrace (Analytics). Detected pattern: script /dtagent.*\.js/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
- Title: (blank)
- Title: Contact
- Title: Bezpečnost (Security)
- Title: Nápověda (Help)
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | error.htm (Primary Request) | synsurecropsciences.com/raiffeisen/ | 20 KB | 21 KB | Document | text/html
GET | H/1.1 | dtagent_ICA23STVbgjpqrvx_7000200141014.js | synsurecropsciences.com/dt/ | 0 | 0 | Script | text/html
GET | H/1.1 | styles.baed1affe9ef34280eaa.css | online.rb.cz/gaas/authorize/login/ | 303 KB | 53 KB | Stylesheet | text/css
GET | H/1.1 | gib-fragments.css | online.rb.cz/app/gib/ | 172 KB | 19 KB | Stylesheet | text/css
GET | H2 | translateelement.css | translate.googleapis.com/translate_static/css/ | 18 KB | 4 KB | Stylesheet | text/css
GET | H/1.1 | runtime.4b3e0924272f3f1cd5b3.js | synsurecropsciences.com/raiffeisen/ | 0 | 0 | Script | text/html
GET | H/1.1 | polyfills.a032d72b2e443c1a0dcc.js | synsurecropsciences.com/raiffeisen/ | 0 | 0 | Script | text/html
GET | H/1.1 | scripts.541c83bb9cb6c140515c.js | synsurecropsciences.com/raiffeisen/ | 0 | 0 | Script | text/html
GET | H/1.1 | vendor.8befbc06ed70e2861191.js | synsurecropsciences.com/raiffeisen/ | 0 | 0 | Script | text/html
GET | H/1.1 | main.c87dea3a4da0b73c1d09.js | synsurecropsciences.com/raiffeisen/ | 0 | 0 | Script | text/html
GET | H2 | translate_24dp.png | www.gstatic.com/images/branding/product/1x/ | 825 B | 946 B | Image | image/png
GET | H/1.1 | fonts.css | online.rb.cz/app/gib/ | 3 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | runtime.4b3e0924272f3f1cd5b3.js | synsurecropsciences.com/raiffeisen/ | 0 | 0 | Script | text/html
GET | H/1.1 | login-background.728da631c776c21d63bd.png | online.rb.cz/gaas/authorize/login/ | 86 KB | 87 KB | Image | image/png
GET | H/1.1 | logo.279e67c31d85e50d0dea.png | online.rb.cz/gaas/authorize/login/ | 25 KB | 26 KB | Image | image/png
GET | H/1.1 | icon-sms-normal.520091cd344646bb50e4.png | online.rb.cz/gaas/authorize/login/ | 1 KB | 2 KB | Image | image/png
GET | H/1.1 | icon-phone-footer.481c73252341199dee10.png | online.rb.cz/gaas/authorize/login/ | 4 KB | 5 KB | Image | image/png
GET | H/1.1 | icon-mail-info-footer.87022f0859994215f651.png | online.rb.cz/gaas/authorize/login/ | 5 KB | 6 KB | Image | image/png
GET | H2 | translate_24dp.png | www.gstatic.com/images/branding/product/2x/ | 2 KB | 2 KB | Image | image/png
GET | H/1.1 | futuraTEE.76032a6f9b336acea221.woff | online.rb.cz/gaas/authorize/login/ | 27 KB | 28 KB | Font | application/font-woff
GET | H/1.1 | futuraTEEBold.8d0277c9512021a55f8b.woff | online.rb.cz/gaas/authorize/login/ | 27 KB | 28 KB | Font | application/font-woff
GET | H/1.1 | ionicons.dd4781d1acc57ba4c480.ttf | online.rb.cz/gaas/authorize/login/ | 184 KB | 109 KB | Font | application/x-font-ttf
GET | H/1.1 | FuturaTOT-Demi.fca7ce123bee0dc9e3b2.woff | online.rb.cz/gaas/authorize/login/ | 19 KB | 21 KB | Font | application/font-woff
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan verdict: Phishing against: Raiffeisen Bank (Banking)

2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- onformdata (object)
- onpointerrawupdate (object)

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
- online.rb.cz
- synsurecropsciences.com
- translate.googleapis.com
- www.gstatic.com
- 216.10.242.95
- 2a00:1450:4001:808::2003
- 2a00:1450:4001:81d::200a
- 89.233.149.46